Feature Request: Allow permanently trusting a directory to skip repeated trust prompts

Resolved 💬 3 comments Opened Feb 27, 2026 by kumaarsaurabhabuild Closed Mar 3, 2026

Problem

Every time a new Claude Code session is started in a directory, the user is prompted with a "Do you trust this folder?" dialog. Once a user has explicitly trusted a directory, they should not be asked again on subsequent sessions. This creates unnecessary friction, especially for users who work in the same directories daily.

Current Behavior

  1. User launches Claude Code in /Users/username/my-project
  2. Claude Code prompts: "Do you trust this folder?"
  3. User confirms "Yes"
  4. Session proceeds normally
  5. Next session: User launches Claude Code in the same directory → prompted again
  6. This repeats every single session, indefinitely

Expected Behavior

  1. User launches Claude Code in /Users/username/my-project
  2. Claude Code prompts: "Do you trust this folder?"
  3. User confirms "Yes" (with an option to trust permanently)
  4. On all future sessions in that directory, the trust prompt is skipped

Proposed Solution

Add a "Trust this directory permanently" option to the trust prompt, and persist the user's choice. Suggested implementation:

Option A: Extend the trust prompt with a "Always trust" choice

Do you trust this folder? (/Users/username/my-project)
  > Yes (this session only)
  > Always trust this directory
  > No

Option B: Add a trustedDirectories array in ~/.claude/settings.json

{
  "trustedDirectories": [
    "/Users/username/my-project",
    "/Users/username/work/*"
  ]
}

This would allow:

  • Exact directory paths
  • Glob/wildcard patterns (e.g., /Users/username/work/* to trust all subdirectories)
  • Manual editing for power users who want to bulk-add directories

Option C: Both

Combine A and B — the prompt adds entries to the config, and users can also edit the config directly.

Additional Considerations

  • Security: The trust mechanism exists to protect against malicious CLAUDE.md files in untrusted repos. A permanent trust list still preserves this safety — it just remembers the user's explicit decision rather than asking repeatedly.
  • Revocation: Users should be able to un-trust a directory by either:
  • Removing it from trustedDirectories in settings
  • A CLI command like claude --untrust .
  • Scope: Trust could optionally be recursive (trusting /Users/username/work also trusts all subdirectories) or exact-match only, based on user preference.
  • Discoverability: The --dangerously-skip-permissions flag exists but is too broad — it skips all safety checks, not just the trust prompt. A scoped solution is needed.

Environment

  • OS: macOS / Linux / Windows (affects all platforms)
  • Claude Code: All versions with the trust prompt

Impact

This is a quality-of-life improvement that affects every user on every session. For users who launch Claude Code multiple times a day in the same project directories, this adds up to significant friction with zero security benefit after the first confirmation.

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗