Edit tool prompts for approval despite --dangerously-skip-permissions and bypassPermissions settings
Bug Description
The Edit tool always shows a diff-and-approve prompt for project files, even when all three bypass mechanisms are active simultaneously:
--dangerously-skip-permissionsCLI flag"defaultMode": "bypassPermissions"in both global (~/.claude/settings.json) and project (.claude/settings.local.json) settings- Selecting "Yes, allow all edits during this session" (Shift+Tab) at the prompt
Each Edit call still prompts with:
Do you want to make this edit to <filename>?
❯ 1. Yes
2. Yes, allow all edits during this session (shift+tab)
3. No
Option 2 ("allow all edits during this session") does not persist — the next Edit call prompts again.
Expected Behavior
With --dangerously-skip-permissions, no tool calls should require interactive approval, including Edit.
At minimum, "Yes, allow all edits during this session" should suppress all subsequent Edit prompts for the remainder of the session.
Observed Behavior
- Edit on project files: Always prompts (bug)
- Edit on
/tmp/files: No prompt (works correctly) - Write tool on project files: No prompt (works correctly)
- Bash tool: No prompt (works correctly)
Reproduction Steps
- Set global settings (
~/.claude/settings.json):
{
"permissions": {
"defaultMode": "bypassPermissions",
"allow": ["Bash", "Edit", "MultiEdit", "Write"]
},
"skipDangerousModePermissionPrompt": true
}
- Launch Claude Code:
claude --dangerously-skip-permissions
- Ask Claude to make a small edit to any project file (e.g., add a comment to a
.pyfile)
- Observe: the diff-and-approve prompt appears despite all bypass mechanisms being active
Environment
- Claude Code CLI (terminal, not VS Code —
~/.claude/ide/deleted to ensure no IDE connection) - Running in tmux
- Linux (WSL2)
- Process confirms flag is active:
claude --dangerously-skip-permissions --resume agent-2
Impact
This blocks fully autonomous agent workflows. Multi-agent pipelines (e.g., /next-feature with parallel agents in separate tmux windows) cannot run unattended because every Edit call requires human interaction. The workaround is to avoid Edit entirely and use Write + Bash with sed instead, which defeats the purpose of having a dedicated Edit tool.
Workaround
Use the Write tool (for new files) and Bash with sed -i (for modifications) instead of Edit. Both respect the bypass permissions flag correctly.
This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗