Permissions
Allow and deny rules for Claude Code operations.
File Location
.claude/settings.json
How It Works
Permissions control what Claude Code can do:
- Allow: Operations permitted without asking
- Deny: Operations blocked entirely
Default Permissions
Allowed:
| Permission | Meaning |
|---|---|
Read(jaan-to/**) | Read context, templates, outputs |
Read(docs/**) | Read project documentation |
Write(jaan-to/**) | Write outputs, learn, context |
Write(docs/**) | Write documentation |
Glob | Search file patterns |
Grep | Search file contents |
Denied:
| Permission | Meaning |
|---|---|
Write(src/**) | No source code changes |
Write(.env*) | No env file changes |
Read(.env*) | No env file reads |
Write(**/secrets/*) | No secrets writes |
Read(**/secrets/*) | No secrets reads |
Write(*.key) | No key file writes |
Write(*.pem) | No certificate writes |
Bash(rm:*) | No delete commands |
Why These Defaults?
- Skills generate outputs, not source code
- Environment files contain secrets
- Destructive commands need explicit approval
Customizing
Edit .claude/settings.json to add permissions:
Add allowed path:
"allow": ["Write(docs/**)"]
Add denied operation:
"deny": ["Bash(git push:*)"]
Permission Syntax
| Pattern | Meaning |
|---|---|
Read(path/**) | Read files under path |
Write(path/**) | Write files under path |
Bash(command:*) | Run bash commands starting with |
Glob | File pattern search |
Grep | Content search |
Note
Guardrails take precedence over permissions. Even if you allow a path, boundaries may still restrict it.