--dangerously-skip-permissions does not propagate to subagents (Agent tool)

Resolved 💬 4 comments Opened Mar 28, 2026 by klueless-io Closed Apr 18, 2026

Bug Description

When running Claude Code with --dangerously-skip-permissions, subagents spawned via the Agent tool still prompt for permission on every Edit/Write tool call. The bypass flag only applies to the parent session.

Reproduction Steps

  1. Run claude --dangerously-skip-permissions
  2. Confirm skipDangerousModePermissionPrompt: true is set in ~/.claude/settings.json
  3. Ask Claude to spawn a subagent via the Agent tool that makes multiple Edit calls
  4. Every Edit call in the subagent prompts:
Do you want to make this edit to foo.md?
❯ 1. Yes
  2. Yes, allow all edits during this session (shift+tab)
  3. No

Expected Behavior

Subagents should inherit the parent session's --dangerously-skip-permissions flag. Edits should proceed without prompting.

Actual Behavior

Every Edit/Write call in the subagent prompts for permission. Tested with 14 edits across 8 files — all 14 prompted. The parent session does not prompt for the same operations.

Environment

  • Claude Code version: 2.1.86
  • OS: macOS (Darwin 25.3.0)
  • skipDangerousModePermissionPrompt: true in settings.json
  • Multiple hooks configured (PreToolUse, PostToolUse, etc.) but confirmed they are not the cause — tested with hook server both offline (port not listening) and online (returning {"continue": true}). Same behavior either way.

Additional Context

A PreToolUse hook returning {"allow": true} could work around this, but that would auto-approve tool calls for ALL users of the hook server — effectively forcing dangerous mode on users who want permission prompts. The fix should be in Claude Code's permission propagation, not in external hooks.

🤖 Generated with Claude Code

View original on GitHub ↗

This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗