[BUG] Allowlist patterns don't match piped/compound commands
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
Permission allowlist patterns in ~/.claude/settings.json don't match commands that include pipes or compound operators (|, &&, ||), even when all individual commands in the pipeline are allowed.
Impact
Significantly disrupts workflow. Users can't step away or split focus while Claude works because piped commands (extremely common in real usage) constantly prompt for approval.
What Should Happen?
Expected Behavior
If all commands in a piped/compound command are individually allowed, the entire command should be allowed without prompting.
Actual Behavior
Commands with pipes still prompt for permission, even when every component command is in the allowlist.
Error Messages/Logs
Steps to Reproduce
- Add "Bash(git )" and "Bash(grep )" to ~/.claude/settings.json allowlist
- Restart Claude Code
- Run a command like: git diff main --stat | grep -E '\.(md|mdx)'
- Claude prompts for permission despite both git and grep being allowed
Claude Model
Opus
Is this a regression?
I don't know
Last Working Version
_No response_
Claude Code Version
Claude 1.1.1520 (48ced7) 2026-01-30T03:29:40.000Z
Platform
Anthropic API
Operating System
macOS
Terminal/Shell
Terminal.app (macOS)
Additional Information
i'm using Claude Code in Claude Desktop.
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗