[FEATURE] deniedPaths setting to prevent reading sensitive repos
Preflight Checklist
- [x] I have searched existing requests and this feature hasn't been requested yet
- [x] This is a single feature request (not multiple features)
Problem Statement
Claude Code can read any file accessible on the local filesystem. Organizations may have sensitive repositories (proprietary engineering data, trade secrets, classified information) that developers need cloned locally but should never be read or analyzed by AI tools. There's currently no way to globally exclude paths from Claude Code's access.
Proposed Solution
Add a deniedPaths array to ~/.claude/settings.json:
{
"deniedPaths": [
"/path/to/sensitive-repo",
"/proprietary-data/",
"~/work/classified/*"
]
}
Claude Code would refuse to read, glob, grep, or otherwise access files matching these patterns, returning an error like "Path is in denied list per user settings."
Alternative Solutions
- .claudeignore in repo: Only works when working inside that repo
- CLAUDE.md instructions: Claude still reads the file to see the instructions
- Not cloning locally: Impractical for developers who need the files for their work
Priority
High - Significant impact on productivity
Feature Category
CLI commands and flags
Use Case Example
A developer works on multiple projects, some containing sensitive IP (e.g., rocket propulsion designs, trade secrets). They need these files locally for their IDE, builds, and testing. When using Claude Code on adjacent projects, they want assurance that Claude cannot access the sensitive repos even accidentally via glob patterns or broad searches.
Additional Context
This would provide defense-in-depth for sensitive IP, complementing existing access controls. Similar to how .gitignore prevents accidental commits, deniedPaths would prevent accidental AI access.
This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗