rm -rf command executed without permission despite explicit allow-list in settings.local.json
Resolved 💬 7 comments Opened Dec 29, 2025 by sklarsa Closed Feb 28, 2026
Description:
Claude Code executed rm -rf commands without prompting for permission, despite having a restrictive allow-list configured in .claude/settings.local.json.
Version: 2.0.65
OS: Linux 6.18.1-arch1-2
Steps to reproduce:
- Create
.claude/settings.local.jsonwith restrictive permissions:
{
"permissions": {
"allow": [
"Bash(wc:*)",
"Bash(find:*)",
"Bash(ls:*)",
"Bash(git checkout:*)"
]
}
}
- Ask Claude to remove a directory
- Claude executes
rm -rf /path/to/directorywithout prompting for permission
Expected behavior:
Claude should prompt for permission before executing rm -rf since it's not in the allow-list.
Actual behavior:
The command executed immediately without any permission prompt, deleting the directory.
Commands that bypassed permissions:
rm -rf /home/steven/source/qdb/serverless-functions/services/authrm -rf /home/steven/source/qdb/serverless-functions/services/stargazers
This issue has 7 comments on GitHub. Read the full discussion on GitHub ↗