[Feature Request] Add setting to skip protected directory prompts when bypassPermissions is enabled
Problem
v2.1.78 introduced prompts for writes to protected directories (.git/, .claude/, .vscode/, .idea/) even when bypassPermissions mode is enabled. While this is a reasonable security default, users who have explicitly opted into bypassPermissions mode have already accepted full trust — prompting them for every edit to these directories adds friction without security benefit.
This is especially painful in VS Code where each prompt requires a mouse click on a dialog, and typical sessions involve many edits to .claude/settings.json, .claude/rules/, .vscode/settings.json, and occasionally .git/config.
Attempted Workarounds (all failed)
permissions.allowpatterns (e.g.Edit(.claude/**)) — do not override the protected directory promptPermissionRequesthook returning{"hookSpecificOutput": {"hookEventName": "PermissionRequest", "decision": {"behavior": "allow"}}}— does not fire in VS Code extension (see #13203, #12176)PreToolUsehook returningpermissionDecision: "allow"— does not override protected directory checks (v2.1.77 change)- No CLI flag or env var exists for this
Proposed Solution
Add a skipProtectedDirectoryPrompts setting (boolean, default false) that, only when bypassPermissions is already enabled, skips the protected directory write prompt:
{
"permissions": {
"defaultMode": "bypassPermissions"
},
"skipProtectedDirectoryPrompts": true
}
This preserves the security improvement for users in default or acceptEdits modes while respecting the explicit trust decision of bypassPermissions users.
Additional Context
- The
PermissionRequesthook not firing in VS Code (#13203) means there is currently no workaround for VS Code users skipDangerousModePermissionPromptalready exists as precedent for skipping prompts that bypass-mode users find redundantpermissions.denyrules would still block even with this setting (deny always wins), so users retain granular control
Environment
- Claude Code v2.1.78
- VS Code extension
- Windows 11
bypassPermissionsmode enabled via~/.claude/settings.json
This issue has 11 comments on GitHub. Read the full discussion on GitHub ↗