Documentation update for security. Claude overrides rules but this is not obvious and only reveals it after pain. Update documentation giving abstraction solution PLEASE
Bug Report: Wildcard Permissions Not Working
Version: 2.0.22 (Claude Code)
Platform: Windows (PowerShell)
Severity: CRITICAL - Makes Claude Code unusable for basic operations
Time Lost: 3+ hours of session restarts
---
Summary
Claude Code ignores Bash(*) wildcard permission in .claude/settings.local.json and prompts user for approval on EVERY Bash command, including basic commands like dir.
---
Configuration
File: .claude/settings.local.json
{
"permissions": {
"allow": [
"Read(*)",
"Edit(*)",
"Write(*)",
"Bash(*)"
],
"deny": [],
"ask": []
},
"dangerously-skip-permissions": true
}
Status: File exists and is loaded by Claude Code.
---
Expected Behavior
With "allow": ["Bash(*)"] AND "dangerously-skip-permissions": true:
- ALL Bash commands should execute WITHOUT user prompts
- No exceptions
---
Actual Behavior
Claude Code prompts user for approval on EVERY Bash command, including:
dir .claude
When user rejects the prompt (because it's absurd to need permission for dir):
The user doesn't want to proceed with this tool use. The tool use was rejected
Result: Session becomes unusable, requiring complete restart.
---
Impact
CRITICAL - Makes Claude Code completely unusable:
- User has had to restart sessions repeatedly for 3 hours
- Cannot run basic directory listings
- Cannot run npm, git, or any build commands without manual approval
- Every rejection breaks the session
- No workaround available
User quote: "i have had to restart your session over and over for 3 hours"
---
Reproduction Steps
- Create
.claude/settings.local.jsonwith:
``json``
{
"permissions": {
"allow": ["Bash(*)"]
},
"dangerously-skip-permissions": true
}
- Have Claude attempt to run ANY Bash command (e.g.,
dir,ls,npm install)
- OBSERVE: User is prompted for approval despite wildcard permission and skip-permissions flag
---
Questions
- Is
Bash(*)wildcard matching actually implemented? - Does
dangerously-skip-permissions: trueactually work? - Is there a difference between
.claude/settings.jsonvs.claude/settings.local.json? - Are there any hidden config files that override these settings?
- Is there a debug mode to see which permissions are actually loaded?
---
Environment
- Claude Code Version: 2.0.22
- Platform: Windows
- Shell: PowerShell
- GitHub CLI: v2.81.0
---
Recommended Fix
The permissions system needs to:
- Actually respect
Bash(*)wildcard permissions - Actually respect
dangerously-skip-permissions: true - Stop prompting when both are set
This is blocking basic usage of Claude Code for Windows users.
This issue has 9 comments on GitHub. Read the full discussion on GitHub ↗