Permission auto-approve should separate read/write/delete operations
Problem
When Claude Code prompts for tool permission approval, the "always allow" option uses a wildcard that doesn't distinguish between read and write operations.
Example: Running git branch --show-current (a read-only command) offers git * as the auto-approve option. Accepting that would also auto-approve destructive commands like git push --force, git reset --hard, git clean -f, etc.
This makes the auto-approve option unusable for safety-conscious users — you have to deny every time because the granularity is too coarse.
Expected Behavior
The auto-approve options should separate by operation type. For example:
- Read-only git:
git branch *,git log *,git diff *,git status *,git rev-parse *,git show * - Write git:
git add *,git commit *,git push * - Destructive git:
git reset --hard *,git push --force *,git clean -f *,git branch -D *
This way users can auto-approve read operations without inadvertently allowing destructive ones.
Impact
Users who care about safety end up denying most auto-approve prompts, adding friction to every session. The current wildcard grouping defeats the purpose of having granular permissions.
This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗