Settings file corruption: 'Always allow' stores entire command content instead of extracting pattern

Resolved 💬 3 comments Opened Jan 21, 2026 by vlad-ko Closed Jan 25, 2026

Description

When clicking "Always allow" on complex bash commands (especially multi-line commands with heredocs), Claude Code stores the entire command content verbatim in the settings file instead of extracting a sensible pattern.

Example of corrupted entries

The settings.local.json file ended up containing entries like:

"Bash(git -C /path/to/repo commit -m \"$(cat <<'EOF'\nfeat(#123): Add new feature\n\nThis is a detailed commit message\nwith multiple lines\nand descriptions...\nCo-Authored-By: Claude <noreply@anthropic.com>\nEOF\n)\")"

And even content that appears to be from echoed output or documentation:

"Bash(| Some table content       |\n| with ASCII borders      |\n..."

Expected behavior

When "Always allow" is clicked on a complex command, it should extract a general pattern like:

  • Bash(git:*) or
  • Bash(git -C:*) or
  • Bash(git commit:*)

Not store the entire command content as part of the pattern.

Impact

  • Settings file grows from ~60 lines to 100+ lines
  • Contains potentially sensitive content (commit messages, paths, project details)
  • Patterns don't actually match future commands (too specific)
  • User gets re-prompted for the same command types repeatedly
  • File becomes corrupted and needs manual cleanup

Workaround

Manually clean up the settings file to use general patterns and avoid clicking "Always allow" on complex multi-line commands.

Environment

  • Claude Code CLI
  • macOS

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗