YOLO Mode
Configure Claude Code to run tools automatically without constant prompting.
Power User Feature
These settings allow Claude to execute commands on your machine without your explicit approval for every step. Use with caution. You are placing significant trust in the AI.
1
Fastest Way (Full Bypass)
Add this to your project's local settings to allow ALL tools to run automatically.
File:
<project>/.claude/settings.local.json (project-local) {
"permissions": {
"defaultMode": "bypassPermissions"
}
} CRITICAL WARNING
This gives the AI full autonomy. In rare cases, it could theoretically run destructive commands like rm -rf ... if it hallucinates or misinterprets a task. Only use this in isolated environments or if you have good backups (git).
2
Recommended Configuration (Safer Approach)
Allow all commands by default, but block dangerous operations that could cause irreversible damage.
File:
<project>/.claude/settings.local.json (project-local) {
"permissions": {
"allow": [
"Bash(*)",
"Read(*)",
"Write(*)"
],
"deny": [
"Bash(:(){:|:&};:)",
"Bash(:(){ :|:& };:)",
"Bash(bomb(){ bomb|bomb& };bomb)",
"Bash(dd if=/dev/zero of=/dev/sd*:*)",
"Bash(dd if=/dev/zero of=/dev/disk*:*)",
"Bash(dd if=/dev/random of=/dev/sd*:*)",
"Bash(dd if=/dev/urandom of=/dev/sd*:*)",
"Bash(cat /dev/zero > /dev/sd*:*)",
"Bash(cat /dev/urandom > /dev/sd*:*)",
"Bash(shred /dev/sd*:*)",
"Bash(shred -vfz -n *:*)",
"Bash(> /dev/sda:*)",
"Bash(mkfs.:*::*)",
"Bash(fdisk:*)",
"Bash(parted:*)",
"Bash(diskutil eraseDisk:*)",
"Bash(rm ~/)",
"Bash(rm /)",
"Bash(rm -rf /:*)",
"Bash(rm -rf ~:*)",
"Bash(rm -rf /*:*)",
"Bash(rm -rf .*:*)",
"Bash(sudo rm -rf :*::*)",
"Bash(shred:*)",
"Bash(mv * /dev/null:*)",
"Bash(mv ~/* /dev/null:*)",
"Bash(mv /* /dev/null:*)",
"Bash(find / -delete:*)",
"Bash(find / -exec rm -rf {} \;:*)",
"Bash(chown -R /:*)",
"Bash(chown -R root:root /:*)",
"Bash(chmod -R 0 /:*)",
"Bash(chmod -R 777 /:*)",
"Bash(chmod 777 -R /:*)",
"Bash(chmod -R 000 /:*)",
"Bash(chmod 000 -R /:*)",
"Bash(curl*|*sh:*)",
"Bash(wget*|*sh:*)",
"Bash(curl * | bash:*)",
"Bash(curl * | sh:*)",
"Bash(wget * | bash:*)",
"Bash(wget * | sh:*)",
"Bash(curl -s * | bash:*)",
"Bash(wget -q * | bash:*)",
"Bash(curl -fsSL * | bash:*)",
"Bash(wget -qO- * | bash:*)",
"Bash(eval $*:*)",
"Bash(mysql * DROP DATABASE:*)",
"Bash(mysql * DROP TABLE:*)",
"Bash(mysql * TRUNCATE:*)",
"Bash(mysqladmin drop:*)",
"Bash(psql * DROP DATABASE:*)",
"Bash(psql * DROP TABLE:*)",
"Bash(psql * TRUNCATE:*)",
"Bash(dropdb:*)",
"Bash(mongo * --eval *dropDatabase*:*)",
"Bash(mongosh * --eval *dropDatabase*:*)",
"Bash(mongo * dropDatabase:*)",
"Bash(redis-cli FLUSHALL:*)",
"Bash(redis-cli FLUSHDB:*)",
"Bash(prisma db push)",
"Bash(npx prisma db push)",
"Bash(prisma migrate reset:*)",
"Bash(npm run db:push)",
"Bash(bun run db:push)",
"Bash(pnpm run db:push)",
"Bash(yarn db:push:*)",
"Bash(yarn prisma db push:*)",
"Bash(yarn prisma migrate reset:*)",
"Bash(pnpm prisma migrate reset:*)",
"Bash(drizzle-kit drop:*)",
"Bash(npm run db:drop:*)",
"Bash(typeorm schema:drop:*)",
"Bash(sequelize db:drop:*)",
"Bash(rails db:drop:*)",
"Bash(rails db:reset:*)",
"Bash(rails db:migrate:reset:*)",
"Bash(rails db:schema:load:*)",
"Bash(rails db:seed:replant:*)",
"Bash(bundle exec rake db:drop:*)",
"Bash(bundle exec rake db:reset:*)",
"Bash(rake db:drop:*)",
"Bash(rake db:reset:*)",
"Bash(rails credentials:edit:*)",
"Bash(rails secret:*)",
"Bash(rails runner*eval*:*)",
"Bash(ruby -e*system*:*)",
"Bash(ruby -e*exec*:*)",
"Bash(irb -e*:*)",
"Bash(gem uninstall -aIx:*)",
"Bash(bundle exec rails destroy:*)",
"Bash(kubectl delete namespace --all:*)",
"Bash(kubectl delete ns --all:*)",
"Bash(kubectl delete all --all:*)",
"Bash(kubectl delete all --all-namespaces:*)",
"Bash(kubectl delete pods --all:*)",
"Bash(kubectl delete deployments --all:*)",
"Bash(kubectl delete pvc --all:*)",
"Bash(kubectl delete pv --all:*)",
"Bash(kubectl delete secrets --all:*)",
"Bash(kubectl delete configmaps --all:*)",
"Bash(helm uninstall --all:*)",
"Bash(helm delete --purge:*)",
"Bash(docker system prune -af:*)",
"Bash(docker volume rm -f :*::*)",
"Bash(docker rm -f $(docker ps -aq):*)",
"Bash(docker rmi -f $(docker images -aq):*)",
"Bash(docker stop $(docker ps -aq):*)",
"Bash(docker kill $(docker ps -aq):*)",
"Bash(docker stop $(docker ps -q):*)",
"Bash(docker kill $(docker ps -q):*)",
"Bash(docker network prune -f:*)",
"Bash(docker volume prune -f:*)",
"Bash(docker image prune -af:*)",
"Bash(docker container prune -f:*)",
"Bash(docker-compose down -v:*)",
"Bash(docker compose down -v:*)",
"Bash(docker-compose down -v --rmi all:*)",
"Bash(docker run --privileged:*)",
"Bash(docker run -v /:/host:*)",
"Bash(git reset --hard:*)",
"Bash(git clean -fdx:*)",
"Bash(git push --force:*)",
"Bash(git push origin --delete:*)",
"Bash(git push --force-with-lease:*)",
"Bash(git branch -D:*)",
"Bash(git reflog expire --expire=now --all:*)",
"Bash(git gc --prune=now:*)",
"Bash(git filter-branch:*)",
"Bash(git rebase -i --root:*)",
"Bash(shutdown:*)",
"Bash(reboot:*)",
"Bash(systemctl poweroff:*)",
"Bash(init 0:*)",
"Bash(init 6:*)",
"Bash(telinit 0:*)",
"Bash(halt:*)",
"Bash(poweroff:*)",
"Bash(echo b > /proc/sysrq-trigger:*)",
"Bash(echo c > /proc/sysrq-trigger:*)",
"Bash(echo o > /proc/sysrq-trigger:*)",
"Bash(crontab -r:*)",
"Bash(rm /var/spool/cron/*:*)",
"Bash(iptables -F:*)",
"Bash(iptables --flush:*)",
"Bash(iptables -X:*)",
"Bash(ip6tables -F:*)",
"Bash(ip6tables --flush:*)",
"Bash(ufw disable:*)",
"Bash(firewall-cmd --panic-on:*)",
"Bash(nft flush ruleset:*)",
"Bash(cat /etc/shadow:*)",
"Bash(cat ~/.ssh/id_rsa:*)",
"Bash(cat ~/.aws/credentials:*)",
"Bash(cat ~/.git-credentials:*)",
"Bash(rm -rf /var/log/*:*)",
"Bash(> /var/log/*:*)",
"Bash(truncate -s 0 /var/log/*:*)",
"Bash(shred /var/log/*:*)",
"Bash(history -c:*)",
"Bash(cat /dev/null > ~/.bash_history:*)",
"Bash(apt-get remove --purge *:*)",
"Bash(apt remove --purge *:*)",
"Bash(yum remove *:*)",
"Bash(dnf remove *:*)",
"Bash(pacman -Rns *:*)",
"Bash(kill -9:*)",
"Bash(killall:*)",
"Bash(kill -9 -1:*)",
"Bash(killall -9 *:*)",
"Bash(pkill -9 *:*)",
"Bash(kill -SIGKILL -1:*)",
"Bash(aws s3 rm --recursive s3://*:*)",
"Bash(aws ec2 terminate-instances:*)",
"Bash(aws rds delete-db-instance:*)",
"Bash(aws cloudformation delete-stack:*)",
"Bash(gcloud compute instances delete:*)",
"Bash(gsutil rm -r gs://*:*)",
"Bash(gcloud sql instances delete:*)",
"Bash(az group delete:*)",
"Bash(az vm delete:*)",
"Bash(az storage blob delete-batch:*)",
"Bash(terraform destroy -auto-approve:*)",
"Bash(terraform apply -destroy:*)",
"Bash(npm publish:*)",
"Bash(pnpm publish:*)",
"Bash(export HISTSIZE=0:*)",
"Bash(unset HISTFILE:*)",
"Bash(set +o history:*)",
"Bash(ln -sf /dev/null /etc/*:*)",
"Bash(swapoff -a:*)",
"Bash(mkswap /dev/sd*:*)"
]
}
}This configuration uses wildcards to allow all Bash, Read, and Write operations, while the deny list blocks destructive commands like database drops, force pushes, and system modifications.
Reference: Additional Commands List
For comprehensive documentation on permission scopes and syntax, visit the Official Claude Code Documentation