{"slug": "dangerously-skip-permissions-is-the-only-safe-mode", "title": "Dangerously-skip-permissions is the only safe mode", "summary": "Claude Code's `--dangerously-skip-permissions` flag is actually safer than the default permission-requesting mode, according to founding engineer Jim Fisher. The default mode creates \"approval fatigue\" that leads users to rubber-stamp dangerous actions, while the skip-permissions mode forces engineers to implement proper authentication systems for their agents. Fisher argues that auth-based security, where agents hold credentials and services enforce policies, is more reliable than human oversight that inevitably fails.", "body_md": "# --dangerously-skip-permissions is the only safe mode\n\nJim Fisher\n\nMay 11\n\nClaude Code has a flag called `--dangerously-skip-permissions`\n\n.\nDespite the name, I'm more nervous about engineers who don't use it.\nIf you run the default \"permissions\" mode, your Claude setup is probably unsafe.\n\n`--dangerously-skip-permissions`\n\nlets the agent do anything it wants on your machine.\nSounds dangerous.\nClaude could do real damage with the `DATABASE_URL`\n\nin your env files.\n\nBy default, Claude asks permission before it acts: run a script, delete a file, make a network request. Sounds sensible. The human stays in the loop.\n\nNow watch what happens after a few minutes.\n\nClaude asks to write a script. Writing files is safe. Approve. Claude asks to run the script. The script looks safe. Approve. The script has a bug. Claude edits it and asks to re-run. Read the diff, approve.\n\nAfter a handful of these, it starts to feel like *real work*, and the last ten were fine.\nProbably fine. Approve.\n\nI'm now effectively in `--dangerously-skip-permissions`\n\nmode,\nexcept I have to sit at the keyboard to skip the permissions.\nThis is *approval fatigue*,\nand it's why the default mode is worse than `--dangerously-skip-permissions`\n\n.\n\nIf approval doesn't work, what does?\n*Auth.*\n\nThis is how we handle the same problem for humans at work. Bob gets an access token. He makes requests like \"give me this file\", and the service authorizes him against a policy like \"Bob owns this file\".\n\nBob's permissions balance two things: he needs access to be productive, but he can also make mistakes, turn disgruntled, or lose his laptop.\n\nBob writes and runs any scripts he likes on his machine. No human reads or approves them. The auth policy is enforced by the services his scripts talk to. Auth policies don't get tired.\n\nAgents have the same shape. They can be helpful. They can also turn stupid or malicious or both. And we can't post a human behind every action.\n\nSo the equivalent of auth for Claude Code is auth. Give him credentials. Let him run whatever scripts he wants with them.\n\nSuppose you have two colleagues.\nBob runs Claude in regular permissions mode.\nAlice runs Claude with `--dangerously-skip-permissions`\n\n.\nWho is more likely to cause a production incident?\n\nBob makes me more nervous.\nHis discomfort with `--dangerously-skip-permissions`\n\nmeans he knows his machine holds credentials he doesn't trust Claude with.\nHe's trying to verify every action, and eventually he will slip.\n\nThat's why `--dangerously-skip-permissions`\n\nis the safer mode.\nIt *forces* you to give your agent a working permissions system:\nauth, not approval.\n\nJim Fisher, Founding Engineer", "url": "https://wpnews.pro/news/dangerously-skip-permissions-is-the-only-safe-mode", "canonical_source": "https://www.granola.ai/blog/dangerously-skip-permissions-is-the-only-safe-mode", "published_at": "2026-05-26 09:13:17+00:00", "updated_at": "2026-05-26 09:38:08.546142+00:00", "lang": "en", "topics": ["ai-safety", "ai-agents", "ai-tools", "ai-products", "large-language-models"], "entities": ["Claude Code", "Jim Fisher", "Claude"], "alternates": {"html": "https://wpnews.pro/news/dangerously-skip-permissions-is-the-only-safe-mode", "markdown": "https://wpnews.pro/news/dangerously-skip-permissions-is-the-only-safe-mode.md", "text": "https://wpnews.pro/news/dangerously-skip-permissions-is-the-only-safe-mode.txt", "jsonld": "https://wpnews.pro/news/dangerously-skip-permissions-is-the-only-safe-mode.jsonld"}}