Preflight Checklist
What's Wrong?
Description
Claude Code repeatedly prompts for permission to perform actions (Edit, Bash, WebFetch) despite having broad wildcard permissions (Bash(), Read, Write, Edit, WebFetch()) configured in both the global settings.json and the project-level .claude/settings.local.json.
Environment
Client: Claude Desktop 1.1.3363 (ee4247) 2026-02-17T15:55:21.000Z
OS: macOS
Shell: zsh (default)
Note: Using Claude Code integration within Claude Desktop, not the standalone CLI
What Should Happen?
Expected Behavior
Actions matching the broad wildcard permissions (Bash(), Edit, WebFetch()) should execute without prompting for approval.
Actual Behavior
Claude Code prompts for permission on individual actions, despite the wildcards being present. Examples observed:
Edit prompt: "Allow Claude to Edit formatter.rs?" — despite Edit being in the allow list
Bash prompt: "Allow Claude to Run cd ... && git status -u?" — despite Bash() being in the allow list
WebFetch prompt: "Allow Claude to Fetch https://docs.insforge.dev/?" — despite WebFetch() being in the allow list
When clicking "Always allow for session" or "Always allow for project (local)", Claude Code appends individual permission patterns (e.g., Bash(git status:)) to settings.local.json rather than recognizing the existing Bash() wildcard already covers them.
Additional Context
The file is correctly located at <project_root>/.claude/settings.local.json
Restarting Claude Desktop multiple times has not resolved the issue
The .claude/settings.local.json file has accumulated many redundant specific permission entries from repeated "Allow for project" clicks, all of which should already be covered by the wildcards at the top of the allow list
The issue occurs consistently across Edit, Bash, and WebFetch action types
No deny rules conflict with the actions being prompted
Hypothesis
It appears the permission resolver may not be correctly evaluating the broad wildcard entries when they coexist with more specific entries in the same allow list, or the local settings file may not be loaded/merged correctly with global settings.
Error Messages/Logs
Steps to Reproduce
Steps to Reproduce
Configure global ~/.claude/settings.json with broad wildcard permissions:
json {
"permissions": {
"allow": ["Bash()", "Read", "Write", "Edit", "WebFetch()"],
"deny": [
"Bash(rm )", "Bash( rm )", "Bash( | rm )",
"Bash(rmdir )", "Bash( rmdir )",
"Bash(shred )", "Bash( shred )",
"Bash(mkfs )", "Bash( mkfs )",
"Bash(dd )", "Bash( dd )",
"Bash(:(){ :|:& };:)",
"Bash(chmod -R 777 )", "Bash(chown -R )",
"Bash( > /dev/sd)", "Bash( > /dev/disk)",
"Bash(find * -delete)", "Bash(find * -exec rm )",
"Bash( xargs rm )",
"Bash(git push * --force)", "Bash(git push * -f)",
"Bash(git clean -fd)", "Bash(git reset --hard)",
"Bash(sudo rm *)", "Bash(sudo mkfs )", "Bash(sudo dd )",
"Bash(killall )", "Bash(pkill )",
"Bash(curl * | bash)", "Bash(curl * | sh)",
"Bash(wget * | bash)", "Bash(wget * | sh)"
]
}
}
Configure project-level .claude/settings.local.json with the same broad wildcards at the top of the allow list:
json {
"permissions": {
"allow": [
"Bash()",
"Read",
"Write",
"Edit",
"WebFetch()",
...additional specific entries appended by Claude Code over time...
]
}
}
Restart Claude Code / Claude Desktop.
Ask Claude Code to perform any standard action (edit a file, run a git command, fetch a URL).
Claude Model
Opus
Is this a regression?
I don't know
Last Working Version
No response
Claude Code Version
Claude Desktop 1.1.3363 (ee4247) 2026-02-17T15:55:21.000Z
Platform
Other
Operating System
macOS
Terminal/Shell
Other
Additional Information
Additional Context
- The file is correctly located at <project_root>/.claude/settings.local.json
- Restarting Claude Desktop multiple times has not resolved the issue
- The .claude/settings.local.json file has accumulated many redundant specific permission entries from repeated "Allow for project" clicks, all of which should already be covered by the wildcards at the top of the allow list
- The issue occurs consistently across Edit, Bash, and WebFetch action types
- No deny rules conflict with the actions being prompted
Preflight Checklist
What's Wrong?
Description
Claude Code repeatedly prompts for permission to perform actions (Edit, Bash, WebFetch) despite having broad wildcard permissions (Bash(), Read, Write, Edit, WebFetch()) configured in both the global settings.json and the project-level .claude/settings.local.json.
Environment
Client: Claude Desktop 1.1.3363 (ee4247) 2026-02-17T15:55:21.000Z
OS: macOS
Shell: zsh (default)
Note: Using Claude Code integration within Claude Desktop, not the standalone CLI
What Should Happen?
Expected Behavior
Actions matching the broad wildcard permissions (Bash(), Edit, WebFetch()) should execute without prompting for approval.
Actual Behavior
Claude Code prompts for permission on individual actions, despite the wildcards being present. Examples observed:
Edit prompt: "Allow Claude to Edit formatter.rs?" — despite Edit being in the allow list
Bash prompt: "Allow Claude to Run cd ... && git status -u?" — despite Bash() being in the allow list
WebFetch prompt: "Allow Claude to Fetch https://docs.insforge.dev/?" — despite WebFetch() being in the allow list
When clicking "Always allow for session" or "Always allow for project (local)", Claude Code appends individual permission patterns (e.g., Bash(git status:)) to settings.local.json rather than recognizing the existing Bash() wildcard already covers them.
Additional Context
The file is correctly located at <project_root>/.claude/settings.local.json
Restarting Claude Desktop multiple times has not resolved the issue
The .claude/settings.local.json file has accumulated many redundant specific permission entries from repeated "Allow for project" clicks, all of which should already be covered by the wildcards at the top of the allow list
The issue occurs consistently across Edit, Bash, and WebFetch action types
No deny rules conflict with the actions being prompted
Hypothesis
It appears the permission resolver may not be correctly evaluating the broad wildcard entries when they coexist with more specific entries in the same allow list, or the local settings file may not be loaded/merged correctly with global settings.
Error Messages/Logs
Steps to Reproduce
Steps to Reproduce
Configure global ~/.claude/settings.json with broad wildcard permissions:
json {
"permissions": {
"allow": ["Bash()", "Read", "Write", "Edit", "WebFetch()"],
"deny": [
"Bash(rm )", "Bash( rm )", "Bash( | rm )",
"Bash(rmdir )", "Bash( rmdir )",
"Bash(shred )", "Bash( shred )",
"Bash(mkfs )", "Bash( mkfs )",
"Bash(dd )", "Bash( dd )",
"Bash(:(){ :|:& };:)",
"Bash(chmod -R 777 )", "Bash(chown -R )",
"Bash( > /dev/sd)", "Bash( > /dev/disk)",
"Bash(find * -delete)", "Bash(find * -exec rm )",
"Bash( xargs rm )",
"Bash(git push * --force)", "Bash(git push * -f)",
"Bash(git clean -fd)", "Bash(git reset --hard)",
"Bash(sudo rm *)", "Bash(sudo mkfs )", "Bash(sudo dd )",
"Bash(killall )", "Bash(pkill )",
"Bash(curl * | bash)", "Bash(curl * | sh)",
"Bash(wget * | bash)", "Bash(wget * | sh)"
]
}
}
Configure project-level .claude/settings.local.json with the same broad wildcards at the top of the allow list:
json {
"permissions": {
"allow": [
"Bash()",
"Read",
"Write",
"Edit",
"WebFetch()",
...additional specific entries appended by Claude Code over time...
]
}
}
Restart Claude Code / Claude Desktop.
Ask Claude Code to perform any standard action (edit a file, run a git command, fetch a URL).
Claude Model
Opus
Is this a regression?
I don't know
Last Working Version
No response
Claude Code Version
Claude Desktop 1.1.3363 (ee4247) 2026-02-17T15:55:21.000Z
Platform
Other
Operating System
macOS
Terminal/Shell
Other
Additional Information
Additional Context