Docs: bypassPermissions scoping to cwd is undocumented

Resolved 💬 3 comments Opened Apr 20, 2026 by kevinAlbs Closed Apr 24, 2026

Summary

The bypassPermissions permission mode prompts for files outside the current working directory, even when the path is not in a protected directory (.git, .claude, .vscode, etc.). This behavior is not documented.

Expected behavior per docs

The documentation states:

bypassPermissions mode disables permission prompts and safety checks so tool calls execute immediately. Writes to protected paths are the only actions that still prompt.

This implies the only restriction is protected directories — there is no mention of working directory scope.

Actual behavior

With "defaultMode": "bypassPermissions" set in ~/.claude/settings.json, reading a file outside the cwd (e.g. ~/code/mongo-c-driver/README.rst) still produces a permission prompt, even though that path is not a protected directory.

Related

  • The acceptEdits mode docs do explicitly mention working directory scope and additionalDirectoriesbypassPermissions docs do not.
  • Workaround: add frequently accessed directories to additionalDirectories in settings.

Request

Please document whether bypassPermissions is implicitly scoped to the cwd + additionalDirectories, and if so, make that explicit in the permission modes reference.

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗