claude-code - 💡(How to fix) Fix [BUG] .claude/** writes still prompt for permission despite explicit Write(.claude/**) and bare Write allowlist entries [1 comments, 2 participants]

Preflight Checklist

• I have searched existing issues and this hasn't been reported yet
• This is a single bug report (please file separate reports for different bugs)
• I am using the latest version of Claude Code

What's Wrong?

Writes (and edits) to files inside a project-local .claude/ directory still trigger a manual Do you want to create test-permission.md? permission prompt, even when the user-level permissions.allow list explicitly grants them.

In my ~/.claude/settings.json I have all of the following entries (deliberately overlapping to be sure I covered the case):

"permissions": {
  "allow": [
    "Write",
    "Write(.claude/**)",
    "Write(**/.claude/**)",
    "Edit",
    "Edit(.claude/**)",
    "Edit(**/.claude/**)",
    ...
  ]
}

Despite this, when Claude tries to create .claude/commands/test-permission.md inside a project, the prompt still appears:

The prompt offers Yes / Yes, allow all edits during this session / No — i.e. Claude Code is treating this write as if no relevant rule were configured. The bare Write rule alone should be sufficient; the two .claude/** patterns should make this iron-clad. Neither matches.

What Should Happen?

When the user has any of:

• Write (bare, allow-all)
• Write(.claude/**) (matches project-relative path)
• Write(**/.claude/**) (matches anywhere)

…in their permissions.allow list, file creation/edit inside <project>/.claude/ should proceed silently without a permission prompt.

There's a reasonable secondary read of this report as a scope question: even if .claude/** patterns are intentionally excluded for some safety reason (preventing prompt-injection-driven self-modification?), the bare Write rule should still cover it — and if Claude Code is going to special-case .claude/ writes, that exception should be documented and ideally configurable, not silent.

Error Messages/Logs

(no errors — the prompt itself is the unexpected behaviour)

Steps to Reproduce

1. In ~/.claude/settings.json add (or confirm) the following permissions allow entries:

   {
     "permissions": {
       "allow": [
         "Write",
         "Write(.claude/**)",
         "Write(**/.claude/**)"
       ]
     }
   }

2. Open Claude Code in any project directory (no .claude/ need exist yet).
3. Ask Claude to create a file at .claude/commands/test-permission.md with any content.
4. Observed: a Do you want to create test-permission.md? prompt appears.
5. Expected: the file is created silently, since multiple rules in the allowlist explicitly grant the operation.

Claude Model

Not sure / Multiple models

Is this a regression?

I don't know

Last Working Version

No response

Claude Code Version

2.1.111

Platform

Anthropic API

Operating System

Ubuntu/Debian Linux

Terminal/Shell

Other

Additional Information

• Tested on Ubuntu 25.10, KDE Plasma, Konsole, Claude Code 2.1.111.
• Both .claude/** and **/.claude/** are present in the allowlist as a belt-and-braces precaution; neither suffices.
• The bare Write rule (which has no path scope and should match everything) also does not cover this — which is what makes me think .claude/ is being special-cased in the matcher rather than this being a glob-pattern bug.
• If the special-casing is intentional, please consider documenting it and exposing an opt-out — for users who use Claude Code heavily for managing their own Claude scaffolding (commands, skills, agents, hooks), the per-file prompts add a lot of friction.