[BUG] Read() permissions broken for directories with glob-special characters ({, $)

Resolved 💬 5 comments Opened Mar 29, 2026 by jameswinegar Closed May 1, 2026

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

Directory names containing {} and $ break permission glob matching

Description

When a project contains directories with {, }, or $ characters in their names (common in SvelteKit route parameters like {-$locale}), the Read() permission patterns in .claude/settings.json fail to match. This causes Claude Code to repeatedly prompt for read access on every interaction that touches those paths, even after granting permission.

Reproduction

  1. Have a SvelteKit project (or similar) with parameterized route directories:

``
sites/src/routes/{-$locale}/
marketing/src/routes/{-$locale}/
``

  1. When prompted for read access, select "Yes, allow reading from {-$locale}/ from this project" (option 2).
  1. This writes the following to .claude/settings.json:

``json
{
"permissions": {
"allow": [
"Read({-$locale}/**)"
]
}
}
``

  1. Claude Code continues to prompt for read access on subsequent interactions with those directories.
  1. Adding Read(./**) as a broader fallback also does not resolve the issue.

Expected behavior

Selecting option 2 should persistently allow read access to the directory without re-prompting. Special characters in directory names should be escaped or treated as literals in permission patterns.

Actual behavior

The {} characters are interpreted as glob brace expansion syntax and $ as a variable, so the pattern never matches the literal directory path. Claude Code re-prompts every time.

Workaround

None fully working. Adding paths to additionalDirectories may help but does not suppress the read permission prompt.

Environment

  • Framework: SvelteKit (uses {-$locale} route parameter directories)
  • Likely affects any project with {} or $ in directory names

Related issues

  • #6881 — /** glob patterns not granting recursive access (similar symptom, different root cause)
  • #21962 — unexpected lack of glob expansion in permission patterns

Both are about glob patterns not matching as expected, but this issue is specifically about literal directory names containing glob-reserved characters being misinterpreted by the permission matcher.

Suggested fix

Escape glob-special characters ({, }, # Directory names containing {} and $` break permission glob matching

Description

When a project contains directories with {, }, or $ characters in their names (common in SvelteKit route parameters like {-$locale}), the Read() permission patterns in .claude/settings.json fail to match. This causes Claude Code to repeatedly prompt for read access on every interaction that touches those paths, even after granting permission.

Reproduction

  1. Have a SvelteKit project (or similar) with parameterized route directories:

``
sites/src/routes/{-$locale}/
marketing/src/routes/{-$locale}/
``

  1. When prompted for read access, select "Yes, allow reading from {-$locale}/ from this project" (option 2).
  1. This writes the following to .claude/settings.json:

``json
{
"permissions": {
"allow": [
"Read({-$locale}/**)"
]
}
}
``

  1. Claude Code continues to prompt for read access on subsequent interactions with those directories.
  1. Adding Read(./**) as a broader fallback also does not resolve the issue.

Expected behavior

Selecting option 2 should persistently allow read access to the directory without re-prompting. Special characters in directory names should be escaped or treated as literals in permission patterns.

Actual behavior

The {} characters are interpreted as glob brace expansion syntax and $ as a variable, so the pattern never matches the literal directory path. Claude Code re-prompts every time.

Workaround

None fully working. Adding paths to additionalDirectories may help but does not suppress the read permission prompt.

Environment

  • Framework: SvelteKit (uses {-$locale} route parameter directories)
  • Likely affects any project with {} or $ in directory names

, [, ], *, ?) in directory names before writing permission patterns to settings, or support a quoting/escaping mechanism in the permission syntax.

What Should Happen?

Read() permission patterns should escape glob-special characters in literal directory names. Selecting "Yes, allow reading from {-$locale}/ from this project" should persist a pattern that actually matches the directory, and Claude Code should not re-prompt for access.

Error Messages/Logs

Steps to Reproduce

  1. Create or clone a SvelteKit project with parameterized route directories containing glob-special characters (e.g., sites/src/routes/{-$locale}/, marketing/src/routes/{-$locale}/)
  2. Run Claude Code and ask it to read or work with files under one of those directories
  3. When prompted, select option 2: "Yes, allow reading from {-$locale}/ from this project"
  4. Observe that Read({-$locale}/**) is written to .claude/settings.json
  5. Ask Claude Code to read another file under the same directory
  6. Claude Code prompts for read permission again, repeatedly, on every interaction

Claude Model

None

Is this a regression?

I don't know

Last Working Version

_No response_

Claude Code Version

2.1.86

Platform

Anthropic API

Operating System

macOS

Terminal/Shell

VS Code integrated terminal

Additional Information

<img width="426" height="97" alt="Image" src="https://github.com/user-attachments/assets/516feb53-db5b-4eef-bace-768dabe8bc77" />

View original on GitHub ↗

This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗