Redundant permission prompts: settings.local.json ignores global allow-all, shell operators trigger unnecessary approval

Resolved 💬 2 comments Opened Apr 1, 2026 by stefan-isele Closed May 8, 2026

Problem

Two permission system issues that create unnecessary friction for developers:

1. settings.local.json accumulates redundant entries when global * is set

When ~/.claude/settings.json has "allow": ["*"], every per-session permission approval still gets appended to the project-level .claude/settings.local.json. This results in files with 80+ entries that are completely redundant — the global wildcard already covers them all.

Expected behavior: If a global "allow": ["*"] rule already matches the tool call, don't write it to settings.local.json.

2. Bash commands with && trigger safety prompts despite allow-all permissions

A command like:

head -5 file.ts && grep -n 'pattern' file.ts

triggers an approval prompt ("This command uses shell operators that require approval for safety") even when all permissions are set to "allow": ["*"].

For a tool designed for software development, chaining commands with && is the most basic operation. Prompting on every use is disruptive — especially when the user has explicitly opted into allow-all.

Expected behavior: If the user has granted "allow": ["*"] or "allow": ["Bash(*"], shell operators like &&, |, ; should not trigger additional prompts.

Environment

  • Claude Code CLI on Linux
  • Global settings: "allow": ["*"]
  • Project settings: specific Bash command allowlist

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗