[BUG] Dangerously-skip-permissions burning tokens in headless run of claude code frequently querying the bash-policy agent for "command prefix“
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
So when specifying --dangerously-skip-permissions my understanding is that it never should trigger the bash policy agent since it is autonomous anyway, in 900 sessions i see over 7906 cases where the following agent is invokede to determine the prefix of a command:
You are a Claude agent, built on Anthropic's Claude Agent SDK.
Your task is to process Bash commands that an AI coding agent wants to run.
This policy spec defines how to determine the prefix of a Bash command:
claude code version: x-anthropic-billing-header: cc_version=2.1.45.f10; cc_entrypoint=sdk-cli; cch=6b427;
What Should Happen?
the ```
You are a Claude agent, built on Anthropic's Claude Agent SDK.
Your task is to process Bash commands that an AI coding agent wants to run.
This policy spec defines how to determine the prefix of a Bash command:
agent should not be invoked when yolo mode --dangerously-skip-permissions is set.
### Error Messages/Logs
```shell
Steps to Reproduce
- claude --dangerously-skip-permissions -p "task to do"
- check the network request after doing some yolo tasks
Claude Model
Not sure / Multiple models
Is this a regression?
I don't know
Last Working Version
_No response_
Claude Code Version
2.1.45
Platform
Anthropic API
Operating System
Ubuntu/Debian Linux
Terminal/Shell
VS Code integrated terminal
Additional Information
_No response_
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗