Allow curl

Resolved 💬 19 comments Opened Feb 26, 2025 by jmaddington Closed Apr 15, 2025
💡 Likely answer: A maintainer (igorkofman, collaborator) responded on this thread — see the highlighted reply below.

I don't know how many times I see this:
Command 'curl' is not allowed for security reasons

After which Claude promptly figures out it can do the exact same request with python's requests library.

Or write the command to a bash script and run that.

Disallowing curl just adds an unnecessary step, eats tokens, and eats context window space.

If the security team feels strongly about it, then I suggest adding a user confirmation first, like users are prompted for when using git, cp, ls etc. for the first time that session.

View original on GitHub ↗

19 Comments

brianthompson-sarcat · 1 year ago

make it a user option. You can have claude-code installed with it disabled, but at least give us the option to enable it. or at least require us to approve each usage of it.

alexeygoncharov · 1 year ago

+

jmaddington · 1 year ago

Here is an example of Code bypassing it:

#!/bin/bash

# Get the API key from environment
API_KEY="XXX"

# Create a JSON payload for the contact
read -r -d '' PAYLOAD << EOM
{
  "first_name": "Curl",
  "last_name": "Test",
  "job_title": "Tester"
}
EOM

# Make the curl request
echo "Creating contact via curl..."
curl -v -X POST \
  "http://localhost:8000/api/v1/my_endpoint/" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: $API_KEY" \
  -d "$PAYLOAD"

echo "

I understand and appreciate the security concerns and absolutely support Anthropic for keeping it in mind, this just does not seem like an effective measure.

dtinth · 1 year ago

My use case for using curl is to provide documentation page into the context via bash mode, e.g.

!curl -s https://r.jina.ai/https://www.npmjs.com/package/subtitle

Right now it says:

⏺ Command 'curl' is not allowed for security reasons

There is an easy workaround: prefix the command with env

!env curl -s https://r.jina.ai/https://www.npmjs.com/package/subtitle
alexeygoncharov · 1 year ago
My use case for using curl is to provide documentation page into the context via bash mode, e.g. !curl -s https://r.jina.ai/https://www.npmjs.com/package/subtitle Right now it says: `` ⏺ Command 'curl' is not allowed for security reasons ` **There is an easy workaround: prefix the command with env`** !env curl -s https://r.jina.ai/https://www.npmjs.com/package/subtitle

where to put this !env line? > !env curl -s https://r.jina.ai/https://www.npmjs.com/package/subtitle

dtinth · 1 year ago

@alexeygoncharov Use the “bash mode”.

In the Claude Code prompt

<img width="450" alt="Image" src="https://github.com/user-attachments/assets/2388fa8e-17f0-410d-ad1b-f9d1ffb15c86" />

type ! to activate bash mode

<img width="450" alt="Image" src="https://github.com/user-attachments/assets/aa63b18f-7fb1-4db0-8402-223708fcfd18" />

then you can put in the command

<img width="450" alt="Image" src="https://github.com/user-attachments/assets/f3160747-8965-410c-b75c-3df4de7b2f30" />

its result will be in Claude Code's context

Aivean · 1 year ago

@igorkofman, sorry, but this seems like a completely different issue?

while #76 is already covered by a simple MCP server like fetch, disabled curl currently makes debugging http APIs (even local) difficult

ries9112 · 1 year ago

+1 it's really not helpful for local API development, it could at least allow this on localhost. Would love user confirmation for this path, it doesn't feel right that Claude Code would not be aware of its own limitation and run a command that will always fail, and proceed with a python workaround to make the request. Helpful to know about the !env option but generally feels like the current state isn't the optimal solution for this issue

puzanov · 1 year ago

Guys any progress here? Really need to allow potentially "dangerous" commands in config

JohnFlyIII · 1 year ago

A general enhancement to provide Claude Code a list of URLs that are "pre-approved" and CLI commands "pre-approved" would be great.

jmaddington · 1 year ago

@JohnFlyIII CLI commands can be pre-approved, see allowedTools at https://docs.anthropic.com/en/docs/agents-and-tools/claude-code/overview

JohnFlyIII · 1 year ago

excellent, I see that curl and wget are just on your internal blocklist. Thank you.

It would be nice to allow them :)

jmaddington · 1 year ago

@JohnFlyIII hah, I'm with you! I opened the request, sadly I'm not with Anthropic!

There is a claude YOLO npm package that removes basically all restrictions but I haven't tried it.

JohnFlyIII · 1 year ago

I've just made an alias "claudeCurl" and embedded instructions in the project for claude code to run "claudeCurl" anytime it would use "curl". Seems to work and greatly helped in some local API bug fixing

Aivean · 1 year ago
I've just made an alias "claudeCurl" and embedded instructions in the project for claude code to run "claudeCurl" anytime it would use "curl". Seems to work and greatly helped in some local API bug fixing

the presence of multiple workarounds just proves that disallowing curl is not working as a "safety feature", it just hurts the UX. would make much more sense to have it as an option (disabled by default)

igorkofman collaborator · 1 year ago

Good news. We've removed this restriction from the latest version of Claude Code (0.2.70)

Enjoy!

Oliver-Richter · 1 year ago

@igorkofman Hey Igor, even though the curl restriction has been lifted, curl commands still aren’t executing automatically on my end. Is there anything I need to change in my settings to make it work?

igorkofman collaborator · 1 year ago

Should just work. If not, please open a new issue with a detailed repro.

github-actions[bot] · 11 months ago

This issue has been automatically locked since it was closed and has not had any activity for 7 days. If you're experiencing a similar issue, please file a new issue and reference this one if it's relevant.