Plan mode ignores Read allow rules for files outside project directory
Resolved 💬 3 comments Opened Feb 6, 2026 by superbiche Closed Feb 6, 2026
Description
In plan mode, Read operations to files outside the project working directory trigger permission prompts even when those paths are explicitly allowed in ~/.claude/settings.json.
Reproduction
- Add Read allow rules in
~/.claude/settings.json:
``json``
{
"permissions": {
"allow": [
"Read(~/.claude/*)",
"Read(~/.claude/**/*)"
]
}
}
- Open Claude Code in plan mode on any project
- Ask Claude to read a file from
~/.claude/(e.g., a skill file, CLAUDE.md, or settings) - Expected: Read is auto-approved (matches allow rule)
- Actual: Permission prompt appears for every read
Impact
This is particularly painful when:
- Running multiple panes in plan mode (e.g., 4-pane tmux split) where each session needs to read skills/config from
~/.claude/ - Each pane reads 3-5 files from
~/.claude/at startup (skills, CLAUDE.md, hooks config) - That's 12-20 manual "Yes" approvals just to get started
- The friction defeats the purpose of having pre-approved allow rules
Expected behavior
Plan mode should honor Read() allow rules from settings.json for paths outside the project directory, just like other permission modes do. Plan mode's purpose is to prevent writes — pre-approved reads should pass through.
Environment
- Claude Code on Linux (Fedora 43)
- Permission mode: plan
- Allow rules defined in user-scope
~/.claude/settings.json
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗