permissions.ask: always-prompt list that cannot be bypassed by --dangerously-skip-permissions
Summary
Add a permissions.ask list to settings.json that requires user confirmation even when running in bypass-permissions mode.
Current behavior
settings.json currently supports two lists:
| List | Normal mode | Bypass mode |
|------|-------------|-------------|
| allow | auto-approve | auto-approve |
| (unlisted) | ask | auto-approve |
| deny | block | block |
There is no way to express: "always ask, but don't block."
Desired behavior
Add a permissions.ask list:
| List | Normal mode | Bypass mode |
|------|-------------|-------------|
| allow | auto-approve | auto-approve |
| ask | ask | ask |
| (unlisted) | ask | auto-approve |
| deny | block | block |
Use cases
Bash(chmod *)/Bash(chown *)— worth confirming, but not worth blockingBash(git push *)— even in automated runs, a human should confirm pushesBash(brew install *)/Bash(npm install *)— dependency changes should be intentional- Any operation that is low-risk enough to allow but high-impact enough to surface
Why this matters
Bypass mode is useful for autonomous/batch workflows, but it's an all-or-nothing switch today. permissions.ask would let users define a "safety floor" — a set of operations that always surface to the user regardless of how Claude was invoked.
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗