Allow disabling built-in .claude/ path protection at project level

Resolved 💬 3 comments Opened Apr 4, 2026 by taisukeoe Closed Apr 8, 2026

Problem

Claude Code has built-in protection for paths containing /.claude/ — any Edit/Write to such paths always triggers a permission prompt, regardless of permissions.allow patterns. This is a security safeguard to prevent accidental corruption of Claude Code configuration.

However, this protection causes friction for dotfiles repositories that manage ~/.claude/ configuration files (skills, hooks, CLAUDE.md, settings.json, etc.) as source-controlled files under a path like home/.claude/skills/....

Current Behavior

In a dotfiles repo with structure:

dotfiles/
├── home/
│   └── .claude/
│       ├── CLAUDE.md
│       ├── settings.json
│       ├── skills/
│       │   └── my-skill/SKILL.md
│       └── hooks/
│           └── my-hook.sh
└── setup.sh  (symlinks home/.claude/* → ~/.claude/*)
  • Edit(dotfiles/setup.sh)auto-allowed by Edit(/Users/.../dotfiles/**)
  • Edit(dotfiles/home/.claude/skills/my-skill/SKILL.md)always prompted despite same pattern

This was confirmed across 8 sessions and 30+ permission request entries. Every file under home/.claude/ prompted, while sibling files outside home/.claude/ were auto-allowed by the same permissions.allow pattern.

Desired Behavior

A project-level opt-out in .claude/settings.json:

{
  "permissions": {
    "disableProtectedPathCheck": true
  }
}

Or a more granular approach — allow permissions.allow patterns to override the built-in protection when explicitly set:

{
  "permissions": {
    "allow": [
      "Edit(home/.claude/**)"
    ],
    "unprotectPaths": ["home/.claude/**"]
  }
}

Use Case

Dotfiles repositories are a common pattern for managing Claude Code configuration (skills, hooks, CLAUDE.md) across machines. These repos need to freely edit files under home/.claude/ as part of normal development workflow. The current behavior forces manual approval for every single edit to these files, which significantly impacts productivity.

Additional Context

  • bypassPermissions mode also prompts for .claude/ paths (except .claude/commands, .claude/agents, .claude/skills under the project root)
  • The protection correctly distinguishes the project root's .claude/ directory (e.g., dotfiles/.claude/worktrees/.../setup.sh is auto-allowed), but any other /.claude/ in the path triggers it

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗