[BUG] Bash tool auto-loads .env files despite permissions blocking .env file access

Resolved 💬 3 comments Opened Aug 22, 2025 by timmygee Closed Aug 26, 2025

Bug Description:

The Bash tool automatically loads environment variables from .env files in the current
working directory, even when user permissions explicitly block access to .env files.

Steps to Reproduce:

  1. Configure Claude Code with permissions that deny reading .env files:
  {
    "permissions": {
      "allow": [],
      "deny": ["Read(.env)", "Read(.env.*)"],
      "ask": []
    }
  }
  1. Navigate to a directory containing a .env file with database environment variables
  2. Run env | grep -i database using the Bash tool
  3. Observe that database environment variables from .env are present

Expected Behaviour:

The Bash tool should respect the user's permission settings and not auto-load .env
files when they are explicitly blocked.

Actual Behavior:

Environment variables from .env files are automatically loaded into the Bash tool's
environment, overriding the permission settings and potentially breaking local
development workflows that depend on specific environment configurations.

Impact:

This causes conflicts with development tools (like mpb test in this case) that expect
different database connection settings, forcing users to work around the issue by
unsetting variables.

Environment:

  • Platform: macOS (Darwin 24.5.0)
  • Shell: zsh
  • Working directory contains .env file that should be blocked by permissions

Additional Context:

The user's local shell environment does not have these variables set when running the
same commands directly, confirming the issue is specific to Claude Code's Bash tool
auto-loading behavior.

Possibly related to #401

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗