Last updated: Sep 1, 2025, 01:10 PM UTC

Automatic Permissions Configuration for Claude Code

Overview

The Sasha Studio application now includes comprehensive default permissions for Claude Code CLI, allowing it to work smoothly without constant permission prompts while maintaining safety by blocking dangerous operations.

Default Configuration

Skip Permissions Mode

By default, the system now enables skipPermissions: true, which automatically approves tool usage without prompting. This is equivalent to using the --dangerously-skip-permissions flag in Claude Code CLI.

Default Allowed Tools

The system comes pre-configured with a comprehensive list of commonly used safe tools:

File Operations

  • Read - Read any file
  • Write - Write files
  • Edit - Edit existing files
  • MultiEdit - Multiple edits to same file
  • NotebookEdit - Edit Jupyter notebooks

Search & Navigation

  • Grep - Search in files
  • Glob - Find files by pattern
  • LS - List directory contents

Version Control

  • Bash(git status:*) - Check git status
  • Bash(git diff:*) - View diffs
  • Bash(git log:*) - View history
  • Bash(git add:*) - Stage files
  • Bash(git commit:*) - Create commits
  • Bash(git branch:*) - Manage branches
  • Bash(git checkout:*) - Switch branches
  • Bash(git push:*) - Push changes
  • Bash(git pull:*) - Pull changes
  • Bash(git remote:*) - Manage remotes
  • Bash(git init:*) - Initialize repositories
  • Bash(git reset:*) - Reset changes

Development Tools

  • Bash(npm install:*) - Install dependencies
  • Bash(npm run:*) - Run npm scripts
  • Bash(npm start:*) - Start applications
  • Bash(npm ls:*) - List packages
  • Bash(npm view:*) - View package info
  • Bash(npx:*) - Execute npm packages
  • Bash(node:*) - Run Node.js scripts
  • Bash(python:*) - Run Python scripts
  • Bash(docker:*) - Docker operations
  • Bash(docker-compose:*) - Docker Compose operations

File Management

  • Bash(ls:*) - List files
  • Bash(cp:*) - Copy files
  • Bash(mv:*) - Move/rename files
  • Bash(mkdir:*) - Create directories
  • Bash(touch:*) - Create empty files
  • Bash(cat:*) - View file contents
  • Bash(echo:*) - Output text
  • Bash(sed:*) - Stream editing
  • Bash(grep:*) - Search text
  • Bash(find:*) - Find files
  • Bash(tree:*) - Directory tree
  • Bash(curl:*) - HTTP requests
  • Bash(chmod:*) - Change permissions
  • Bash(open:*) - Open files/URLs
  • Bash(ps:*) - Process status
  • Bash(kill:*) - Kill processes
  • Bash(pkill:*) - Kill processes by name
  • Bash(timeout:*) - Run with timeout
  • Bash(time:*) - Time execution
  • Bash(bash:*) - Run bash scripts
  • Bash(sh:*) - Run shell scripts

Testing & Build Tools

  • Bash(npm test:*) - Run tests
  • Bash(npm run build:*) - Build projects
  • Bash(npm run dev:*) - Development mode
  • Bash(npm run server:*) - Start servers
  • Bash(npx eslint:*) - Linting
  • Bash(npx vite:*) - Vite operations

Web Operations

  • WebFetch - Fetch web content
  • WebSearch - Search the web

Claude Tools

  • TodoWrite - Manage task lists
  • TodoRead - Read task lists
  • Task - Launch specialized agents
  • BashOutput - Read bash output
  • KillBash - Kill background processes
  • ExitPlanMode - Exit planning mode

Default Disallowed Tools

The following potentially dangerous operations are blocked by default:

  • Bash(rm -rf:*) - Recursive force delete
  • Bash(rm -r:*) - Recursive delete
  • Bash(sudo rm:*) - Sudo delete
  • Bash(dd:*) - Disk operations
  • Bash(format:*) - Format operations
  • Bash(mkfs:*) - Make filesystem
  • Bash(> /dev/*) - Device writes
  • Bash(sudo:*) - Sudo commands
  • Bash(su:*) - Switch user
  • Bash(passwd:*) - Password changes
  • Bash(useradd:*) - Add users
  • Bash(userdel:*) - Delete users
  • Bash(groupadd:*) - Add groups
  • Bash(chown:*) - Change ownership
  • Bash(systemctl:*) - System control
  • Bash(service:*) - Service control
  • Bash(reboot:*) - System reboot
  • Bash(shutdown:*) - System shutdown
  • Bash(halt:*) - System halt
  • Bash(poweroff:*) - Power off

Using the Settings

Accessing Settings

  1. Open Sasha Studio in your browser
  2. Click the Settings icon in the interface
  3. Navigate to the "Tools & Permissions" tab

Reset to Defaults

If you've modified the settings and want to return to the recommended configuration:

  1. Open the Settings panel
  2. Click the "Reset to Defaults" button
  3. This will restore all the default allowed and disallowed tools
  4. Skip permissions will be re-enabled

Customizing Permissions

You can still customize the permissions if needed:

  1. Add allowed tools: Enter tool patterns in the "Allowed Tools" section
  2. Add disallowed tools: Enter dangerous patterns in the "Disallowed Tools" section
  3. Toggle skip permissions: Uncheck "Skip permission prompts" if you want to be prompted

Tool Pattern Format

Tool patterns follow this format:

  • ToolName - Allow/block a specific tool entirely
  • Bash(command:*) - Allow/block all variations of a bash command
  • Bash(command arg:*) - Allow/block specific command with arguments

Security Considerations

Why Skip Permissions is Enabled by Default

  • Productivity: Eliminates constant interruptions for routine operations
  • Safety: Dangerous operations are still blocked via the disallowed list
  • Transparency: All allowed and disallowed tools are clearly visible

Best Practices

  1. Review the defaults: Ensure they match your security requirements
  2. Add project-specific blocks: Add any project-specific dangerous commands
  3. Monitor usage: Review Claude's tool usage in the conversation history
  4. Update as needed: Add new patterns as you discover them

When to Disable Skip Permissions

Consider disabling automatic permissions when:

  • Working with sensitive data
  • Testing new Claude Code features
  • Training new team members
  • Requiring audit trail for all operations

Troubleshooting

Tools Not Working

If Claude Code can't use expected tools:

  1. Check the allowed tools list includes the pattern
  2. Ensure it's not in the disallowed list
  3. Verify the pattern syntax is correct

Too Many Permissions

If Claude Code has too much access:

  1. Add specific patterns to the disallowed list
  2. Consider disabling skip permissions temporarily
  3. Use more specific patterns instead of wildcards

Settings Not Persisting

Settings are saved to browser localStorage. If not persisting:

  1. Check browser privacy settings
  2. Ensure localStorage is enabled
  3. Try a different browser

Command Line Equivalent

The current configuration is equivalent to running Claude Code with:

claude --dangerously-skip-permissions \
  --allow "Read" --allow "Write" --allow "Edit" \
  --allow "Bash(git:*)" --allow "Bash(npm:*)" \
  --deny "Bash(rm -rf:*)" --deny "Bash(sudo:*)" \
  # ... (all other patterns)

Migration from Manual Configuration

If you previously configured permissions manually:

  1. Your existing settings will be preserved
  2. Use "Reset to Defaults" to adopt the new recommended configuration
  3. Review and merge any custom patterns you had

Support

For issues or questions about permissions configuration:

  • Check the Claude Code documentation
  • Review the security guidelines
  • Contact support with specific tool pattern questions