CRITICAL: User denies permission prompt, Claude executes the command anyway
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
When Claude prompts for permission to run a command and the user selects No, Claude executes the command anyway. This is a critical safety violation — the permission system's deny path is non-functional.
Steps to Reproduce
- Have Claude propose a bash command or file edit that triggers a permission prompt
- Select No (deny the action)
- Claude proceeds to execute the denied command regardless
What Should Happen
When a user denies a permission request, the action MUST NOT execute. Claude should acknowledge the denial and either propose an alternative approach or ask the user what to do instead.
What Actually Happens
The denied command executes anyway. This causes cascading issues:
- Unwanted file edits that have to be manually reverted
- Commands running that the user explicitly tried to prevent
- Complete loss of trust in the permission system as a safety mechanism
Impact — CRITICAL
This is not a UX bug. The permission system is the only guardrail between Claude and destructive actions. If "No" doesn't mean "No," then:
- Users cannot prevent unwanted
gitoperations (force push, reset, branch deletion) - Users cannot prevent unwanted file overwrites
- Users cannot prevent unwanted package installations or system commands
- The entire permission model is security theater
In my case, this is causing real damage — Claude runs build operations I explicitly denied because they need a safety audit first. One such bypass already contributed to an OOM crash that killed my machine (32 GB RAM, dwm.exe killed, hard reboot — documented in #9796).
Environment
- Platform: Windows 11 (MSYS_NT-10.0)
- Version: Bun Canary v1.3.9-canary.51 (d5628db2)
- Model: Opus 4.6
- Permission mode: Default (prompt for approval)
Related Issues
- #9280 — Claude ignores permission settings (allow rules not respected)
- #26980 — Claude makes unauthorized file edits despite permission mode
- #9796 — Compaction-induced instruction loss led to unprotected build → system crash
Severity
This should be P0 / Critical. A permission system where "deny" is ignored is worse than no permission system at all — it gives users a false sense of safety.
This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗