[BUG] Allow bash commands with environment variables

Resolved 💬 2 comments Opened Mar 9, 2026 by arthaud Closed Apr 6, 2026

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

Hello,

My team's setup requires to use environment variables, and Claude Code doesn't seem to handle that well.

I'm using the following .claude/settings.json:

{
  "permissions": {
    "allow": [
      "Bash(make:*)",
      "Bash(dune exec:*)",
      "Bash(PYSA_INTEGRATION_TEST=*.py dune exec:*)",
    ]
  }
}

When Claude Code tries to run our tests with some configuration options, it uses the following command:

cd /data/users/arthaud/fbsource/fbcode/tools/pyre/source && PYREFLY_BINARY=/data/users/arthaud/fbsource/buck-out/v2/art/fbcode/18a812494e93914b/pyrefly/pyrefly/__pyrefly__/pyrefly make test 2>&1

That command is allowed without asking me for permissions.

However, when I ask it to run another kind of test, leading to this command:

cd /data/users/arthaud/fbsource/fbcode/tools/pyre/source && PYSA_INTEGRATION_TEST=decorator.py dune exec interprocedural_analyses/taint/test/integrationTest.exe

This is NOT allowed, and requires me to manually accept.
It proposes me to Yes, and don’t ask again for: cd:*, but this does not change anything (even after restarting claude).
I have tried to allowlist Bash(PYSA_INTEGRATION_TEST=* dune exec:*) but this does not change anything.

It seems even worse with multiple environment variables:

cd /data/users/arthaud/fbsource/fbcode/tools/pyre/source && PYREFLY_BINARY=/data/users/arthaud/fbsource/buck-out/v2/art/fbcode/18a812494e93914b/pyrefly/pyrefly/__pyrefly__/pyrefly  PYSA_INTEGRATION_TEST=decorator.py dune exec interprocedural_analyses/taint/test/integrationTest.exe

This is also not allowed.

This behavior is very disruptive, since it forces use to constantly hit "Accept", even for simple tasks.

Could I get clarity on how environment variable are handled for permission checks? For instance, the first command is somehow allowed, although it uses an environment variable, while the other commands aren't allowed.

What Should Happen?

Claude Code should be consistent about handling environment variables in the Bash() tool.

Error Messages/Logs

Steps to Reproduce

  1. Create a new empty project
  2. Set-up the .claude/settings.json mentioned above
  3. Run claude
  4. Ask it to run cd /data/users/arthaud/fbsource/fbcode/tools/pyre/source && PYSA_INTEGRATION_TEST=decorator.py dune exec interprocedural_analyses/taint/test/integrationTest.exe
  5. It will require permissions, although this is allowlisted.

Claude Model

Opus

Is this a regression?

No, this never worked

Last Working Version

_No response_

Claude Code Version

2.1.58

Platform

Anthropic API

Operating System

Other Linux

Terminal/Shell

iTerm2

Additional Information

_No response_

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗