Permissions & modes
In the last chapter every edit stopped and asked you y/n. That’s the safest possible setting and exactly right for your first hour — but it’s also friction, and once you trust the tool you’ll want it out of your way for the boring stuff while staying paranoid about the dangerous stuff. The dial that controls all of that is permissions: the rules and modes that decide what Claude Code can do on its own and what it has to ask about first.
Think of it as a leash with a length you set per task. Tedious, low-stakes work — let it run. Anything near secrets, production, or your machine’s configuration — keep it short, or cut access entirely. Getting this dial right is what turns the agent from a thing you babysit into a thing you delegate to, without the recklessness that delegation usually implies.
The day we’ll follow
Section titled “The day we’ll follow”Same payments service from the last chapter, but today the work is a mixed bag of trust levels — which is exactly what makes it a good tour of the dial:
- A tedious rename across two dozen files, where approving each edit is pure friction — Default permission prompt then loosen it with Shift+Tab
- A test-and-build loop you keep approving over and over — pre-approve it and run shell inline
- A secrets directory and prod config the agent must never touch, no matter how loose the rest is — lock it out
- A long, hands-off batch you want to walk away from — run it autonomously, safely
The through-line: loosening and tightening are two ends of the same dial, and a good operator reaches for both in the same session. By the end you’ll set the leash by reflex — long where it’s safe, short where it isn’t.