Aulafy

Permissions

Claude Code's permission system ensures nothing happens without your knowledge. Learn how to configure what Claude can and cannot do.

Permission philosophy

Claude Code follows the principle of least privilege: by default it asks for confirmation for any action that is potentially irreversible or affects resources outside your project. You decide when to give it more autonomy.

Tools and their permissions

Claude Code has access to these tools, each with its default risk level:

Allowing and denying operations

Configure permissions in .claude/settings.json so you don't have to confirm frequent operations:

TerminalCode
{
  "permissions": {
    "allow": [
      "Bash(npm run:*)",
      "Bash(git:*)",
      "Bash(npx:*)",
      "Read(**)",
      "Edit(**)",
      "Write(**)",
      "WebFetch(domain:api.github.com)"
    ],
    "deny": [
      "Bash(rm -rf:*)",
      "Bash(sudo:*)",
      "WebFetch(domain:*.evil.com)"
    ]
  }
}

Permission syntax

Permissions use the format Tool(pattern:value):

  • Bash(npm:*) — allows any npm command
  • Bash(git commit:*) — allows git commit with any argument
  • Read(**) — allows reading any file (** = any path)
  • WebFetch(domain:api.example.com) — allows fetch only to that domain
  • Edit(src/**) — allows editing only files under src/

Interactive permission management

Inside Claude Code, use the command:

TerminalCode
/permissions

This opens an interactive panel where you can view, add, or revoke permissions for the current session.

Permissions during a session

When Claude Code requests to do something you haven't pre-authorized, it will show you a dialog like this:

TerminalCode
Claude quiere ejecutar:
  git push origin main

¿Permitir? [s/N/siempre/nunca] _
  • s — allow only this time.
  • N — deny (Claude will look for another alternative).
  • siempre — add to the permanent permissions list.
  • nunca — add to the permanent deny list.

No-permissions mode (dangerous)

For controlled environments (CI, Docker, sandboxes), you can disable all confirmations:

TerminalCode
claude --dangerously-skip-permissions "implementa los tests unitarios"

Security best practices

  • Use git: working in a git repository lets you revert any change Claude made with git restore .
  • Limit scope in production: on production servers, don't give Claude write permissions.
  • Review diffs: Claude always shows a diff before editing. Read it before accepting.
  • Domain-specific permissions: if you use WebFetch, specify exact domains instead of WebFetch(*).
  • Environment variables: Claude cannot read your secrets unless they are in the environment or you pass them explicitly.

Team permission configuration

Add .claude/settings.json to your repository so the entire team uses the same base permission configuration:

TerminalCode
# .gitignore — NO ignorar settings.json del equipo
# (sí ignorar settings.local.json para configs personales)
.claude/settings.local.json