Self-modification guard prompts for .claude/skills/ files despite documented exemption
Resolved 💬 5 comments Opened Mar 24, 2026 by omtsoft Closed Apr 21, 2026
Bug Description
When editing files inside .claude/skills/ directories (e.g., .claude/skills/review-all/review-state.md), Claude Code shows a self-modification permission prompt:
Do you want to make this edit to review-state.md?
❯ 1. Yes
2. Yes, and allow Claude to edit its own settings for this session
3. No
According to the permissions documentation, writes to .claude/skills/ should be exempt from the self-modification guard:
"Writes to.claude/commands,.claude/agents, and.claude/skillsare exempt and do not prompt, because Claude routinely writes there when creating skills, subagents, and commands."
Steps to Reproduce
- Create a skill that writes to a state file inside
.claude/skills/<skill-name>/(e.g.,review-state.md) - Run the skill (or manually Edit/Write to the file)
- The self-modification prompt appears despite the documented exemption
What was tried (none of these work)
defaultMode: "bypassPermissions"in projectsettings.local.jsonskipDangerousModePermissionPrompt: truein globalsettings.jsonEdit(.claude/**)andWrite(.claude/**)in both global and project-level allow lists- Unrestricted
EditandWrite(no path filter) in global allow list
Expected Behavior
Writes to .claude/skills/** should not trigger the self-modification permission prompt, as documented.
Actual Behavior
The self-modification prompt appears every time, regardless of permission settings or bypass mode.
Additional Context
- This is especially disruptive when skills use subagents (e.g., multi-agent review pipelines), as each subagent triggers its own prompt for every state file write
- Selecting option 2 ("allow for this session") does not persist to subagents
Environment
- Claude Code version: 2.1.81
- OS: Windows 11 (10.0.26200)
- Shell: Git Bash
This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗