Bash wildcard permissions in settings.local.json not matching commands

[DavidLangworthy]

Description

Wildcard permission patterns like Bash(az *) in .claude/settings.local.json do not match commands. Each command still triggers a permission prompt, and the exact command string gets appended to the allow list instead of being matched by the existing wildcard.

Reproduction

1. Create .claude/settings.local.json:

{
  "permissions": {
    "allow": [
      "Bash(az *)",
      "Bash(gh *)",
      "Bash(git *)",
      "Bash(curl *)"
    ]
  }
}

2. Ask Claude to run a command like az containerapp show --name foo --resource-group bar
3. Expected: Command auto-allowed by Bash(az *) wildcard
4. Actual: Permission prompt appears. Clicking "Always allow" appends the exact command string to the allow list

Evidence

After a session, the settings file grows from 4 wildcard rules to 30+ exact-match entries:

{
  "permissions": {
    "allow": [
      "Bash(az *)",
      "Bash(gh *)",
      "Bash(az acr list --resource-group rg-foo --query \"[0].name\" -o tsv)",
      "Bash(az containerapp logs show --name bar --resource-group rg-foo --tail 30)",
      "Bash(gh variable list -R owner/repo)",
      "..."
    ]
  }
}

The wildcards on lines 1-2 should have matched all of these.

Environment

• Claude Code via claude CLI (Opus 4.6)
• macOS Darwin 25.2.0
• Settings file: .claude/settings.local.json (project-level local)
• No deny rules, no other settings files

Related

• Bash:* wildcard permission not working in settings.local.json #3428
• [BUG] Claude Desktop - Claude Code - Broad wildcard permissions in settings.local.json not respected — still prompted for individual actions #27139

[github-actions]

Found 3 possible duplicate issues:

1. Bash allowlist pattern 'Bash(curl *)' in settings.local.json not matching — repeated permission prompts #29529
2. [BUG] settings.local.json allow not working - keeps asking and wanting to add existing items again #6850
3. Wildcard Permission Matching Failure for Curl Commands in Claude Code #2719

This issue will be automatically closed as a duplicate in 3 days.

• If your issue is a duplicate, please close it and 👍 the existing issue instead
• To prevent auto-closure, add a comment or 👎 this comment

🤖 Generated with Claude Code

[github-actions]

This issue has been automatically closed as a duplicate of #29529.

If this is incorrect, please re-open this issue or create a new one.

🤖 Generated with Claude Code

[github-actions]

This issue has been automatically locked since it was closed and has not had any activity for 7 days. If you're experiencing a similar issue, please file a new issue and reference this one if it's relevant.