Overview of 6 Permission Modes

⏱ Est. reading time: 3 min Updated on 5/8/2026

Claude Code provides 6 distinct permission modes to balance security and velocity.

Permission Modes Gears

The 6 Modes

Mode What can run without asking Use Case
default Read-only tools only Starting out, sensitive work
acceptEdits Read + File edits + basic FS commands Iterating code after review
plan Read-only tools + Planning Researching before making changes
auto Almost everything (with safety classifier) Long tasks, reducing prompt fatigue
dontAsk Pre-approved tools only CI/CD and scripts
bypassPermissions Everything (Skips all checks) Isolated containers / VMs only

Important Shared Rules

  1. Protected Paths: Except for bypassPermissions, no mode automatically allows writing to protected paths (e.g., .git, .claude, .bashrc).
  2. Rules Precedence: Custom allow/ask/deny rules still apply in all modes except bypassPermissions.
  3. Read-only Whitelist: Basic read-only commands like ls, cat, and grep never prompt in any mode.

Related Tools & Resources

Skill Marketplaces

A

Awesome Cyber Skills

A curated list of hacking environments for AI agent developers to train and practice cybersecurity skills, enhancing agent capabilities in defense and offense.

Recommended Plugins

🛡️

Security Guidance

Security reminder hook that monitors 9 security patterns including command injection, XSS, eval usage, dangerous HTML, pickle deserialization, and os.system calls.

Related Products

📦

claude-howto

Claude How To by luongnv89 is a structured, visual, and example-driven guide designed to help users master Claude Code's features efficiently. It offers 10 tutorial modules, copy-paste configuration templates, Mermaid diagrams, and a guided learning path. The guide transforms users from basic Claude Code interactions to orchestrating advanced agents, hooks, skills, and MCP servers, addressing the gap in official documentation regarding practical guidance and a clear learning roadmap.