[Feature Request] Add setting to skip protected directory prompts when bypassPermissions is enabled

Resolved 💬 11 comments Opened Mar 18, 2026 by voyagi Closed May 1, 2026

Problem

v2.1.78 introduced prompts for writes to protected directories (.git/, .claude/, .vscode/, .idea/) even when bypassPermissions mode is enabled. While this is a reasonable security default, users who have explicitly opted into bypassPermissions mode have already accepted full trust — prompting them for every edit to these directories adds friction without security benefit.

This is especially painful in VS Code where each prompt requires a mouse click on a dialog, and typical sessions involve many edits to .claude/settings.json, .claude/rules/, .vscode/settings.json, and occasionally .git/config.

Attempted Workarounds (all failed)

  1. permissions.allow patterns (e.g. Edit(.claude/**)) — do not override the protected directory prompt
  2. PermissionRequest hook returning {"hookSpecificOutput": {"hookEventName": "PermissionRequest", "decision": {"behavior": "allow"}}}does not fire in VS Code extension (see #13203, #12176)
  3. PreToolUse hook returning permissionDecision: "allow" — does not override protected directory checks (v2.1.77 change)
  4. No CLI flag or env var exists for this

Proposed Solution

Add a skipProtectedDirectoryPrompts setting (boolean, default false) that, only when bypassPermissions is already enabled, skips the protected directory write prompt:

{
  "permissions": {
    "defaultMode": "bypassPermissions"
  },
  "skipProtectedDirectoryPrompts": true
}

This preserves the security improvement for users in default or acceptEdits modes while respecting the explicit trust decision of bypassPermissions users.

Additional Context

  • The PermissionRequest hook not firing in VS Code (#13203) means there is currently no workaround for VS Code users
  • skipDangerousModePermissionPrompt already exists as precedent for skipping prompts that bypass-mode users find redundant
  • permissions.deny rules would still block even with this setting (deny always wins), so users retain granular control

Environment

  • Claude Code v2.1.78
  • VS Code extension
  • Windows 11
  • bypassPermissions mode enabled via ~/.claude/settings.json

View original on GitHub ↗

This issue has 11 comments on GitHub. Read the full discussion on GitHub ↗