Granting a permission from the VS Code extension requires hand-editing JSON
Summary
In the Claude Code VS Code extension, granting Claude a new permission (e.g. allowing git push) requires the user to manually edit .claude/settings.local.json and add a correctly-quoted Bash glob entry to a JSON array. There is no in-extension "Allow this once / always" approval flow.
What I expected
When the agent is denied permission for a command, the extension should surface a one-click approval that writes the corresponding rule to my settings file for me — analogous to how a browser prompts for camera or location permission.
What actually happens
- The agent is denied (e.g.
git push origin main) - The agent suggests adding an entry like
"Bash(git push origin main:*)"to.claude/settings.local.json - Pasting the snippet from chat into the editor mangles the quotes (the paste arrives pre-escaped as
"\"Bash(...)\"..."), producing invalid permission rules - The agent itself cannot edit
.claude/settings.local.jsonbecause the auto-mode classifier blocks self-modification - The user is left hand-typing JSON to grant a single permission
Why this matters
The cognitive cost of the decision ("yes, I trust this command") is one bit. The cognitive cost of the implementation (JSON syntax, escape characters, Bash glob format, file path knowledge) is substantial. The mismatch creates friction on the exact action the permission system is meant to facilitate: a user saying yes.
Suggested fix
When permission is denied, show an in-UI button like "Allow git push origin main:* for this project" or "Allow once" that calls into the harness to write the rule (the harness layer is above the self-modification classifier, so it can perform the write the agent cannot).
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗