How to Use Claude Code's /fewer Permission Prompt to Build a Custom Allow List Anthropic's Claude Code introduces the /fewer permission prompt, which scans session history to auto-generate a custom allow list of approved tools and actions, balancing speed and control by granting auto-approval only for trusted operations while maintaining guardrails for others. How to Use Claude Code's /fewer Permission Prompt to Build a Custom Allow List The /fewer permission prompt scans your session history to auto-generate a tailored allow list—giving you the speed of auto-mode with more control. Why Claude Code’s Permission System Matters More Than You Think If you’ve spent any time with Claude Code, you’ve hit this moment: you’re deep in a session, Claude asks to run a shell command or write to a file, and you have to stop, read the prompt, and approve it. Then it happens again. And again. The instinct is to flip on auto-approve mode and move on. But that’s a significant trust handoff — you’re telling Claude it can run any tool, touch any file, execute any command without checking with you first. For most real workflows, that’s too permissive. The /fewer permission prompt exists exactly to close this gap. It scans your session history, identifies which tools and actions you’ve actually been approving, and generates a tailored allow list — one that matches your real usage patterns rather than granting blanket access. You get the speed of auto-mode on the things you trust, with guardrails on everything else. This guide walks through how Claude Code’s permission system works, what the /fewer prompt actually does, and how to build a custom allow list that fits the way you actually work. Understanding Claude Code’s Permission Model Claude Code is a terminal-based AI coding agent from Anthropic. Unlike a chat interface, it can take real actions: read and write files, run shell commands, install packages, call APIs, and interact with your development environment directly. Remy is new. The platform isn't. Remy is the latest expression of years of platform work. Not a hastily wrapped LLM. That capability makes it powerful. It also means the permission model isn’t just a UX detail — it’s a meaningful security layer. The Three Basic Modes Claude Code operates across a spectrum of trust: Default interactive mode — Claude asks for approval before taking any potentially impactful action. You see the tool call, what arguments it’s using, and you approve or deny each one. Slowest, most control. Auto-approve mode — Claude proceeds without asking. Fastest, least control. Useful for isolated sandbox environments where you genuinely don’t care what gets touched. Allow list mode — Claude auto-approves specific, named tools or actions while still prompting for anything outside the list. This is the middle path, and it’s where /fewer comes in. What Counts as a “Tool” in This Context Claude Code exposes capabilities through a tool system. Common tools include: Bash — runs shell commands Read — reads file contents Write — writes or creates files Edit — makes targeted edits to existing files Glob — finds files matching a pattern Grep — searches file contents WebFetch — retrieves content from URLs TodoRead / TodoWrite — manages task lists Each of these can be allowed selectively. The allow list can be scoped to the tool name, or in some cases, narrowed further to specific commands or patterns within that tool. What /fewer Actually Does The /fewer command is a slash command you run inside an active Claude Code session. Its job is to look at everything that’s happened in your conversation so far and ask: what’s the minimal allow list that would let Claude do what it’s actually been doing, without requiring approval for each step? The Session Scan When you run /fewer , Claude Code reviews the tool calls made during your session — which tools were invoked, how they were called, and which ones you manually approved. It uses this history to reason about a permission set that’s specific to your workflow rather than generic. Think of it as Claude auditing its own behavior and proposing a narrower set of standing permissions based on evidence. What It Outputs The output is a set of --allowedTools arguments or a configuration snippet you can apply to future sessions. For example, if you’ve been approving Read , Edit , and Bash specifically for npm commands , /fewer might suggest an allow list that includes those specific combinations rather than granting broad Bash access. The result is smaller than blanket auto-approve and more useful than reviewing every action manually. Why “Fewer” Is the Right Mental Model The name is intentional. The goal isn’t to give Claude access to everything it might conceivably need. It’s to give it access to exactly what your work pattern requires — and nothing more. Fewer permissions, calibrated to real usage. Step-by-Step: Building Your Custom Allow List with /fewer Here’s how to use this in practice, from setting up a session to exporting a reusable configuration. Step 1: Start a Session in Default Interactive Mode Don’t start with auto-approve. The whole point is to generate a allow list based on what you actually approve, so you need to run a session where Claude asks permission for things. claude Or if you’re working within a specific project directory: cd your-project && claude Step 2: Work Normally — Approve Actions as They Come Up Give Claude a realistic task. Not a toy example — something you’d actually do: - “Refactor the auth module to use async/await throughout” - “Add error handling to all API routes” - “Write tests for the UserService class” As Claude works, it will ask for approval at each tool call. Approve the ones you’re comfortable with. Deny or skip anything that feels outside the scope of this workflow. Don’t rush. The quality of the allow list /fewer generates depends on the quality of this session data. Step 3: Run /fewer When the Session Feels Representative Once you’ve worked through a meaningful chunk of the task — enough that Claude has made a variety of tool calls — run the command: /fewer Claude Code will analyze the session and respond with a proposed allow list. It’ll typically explain its reasoning: “You approved Read and Edit for all TypeScript files in /src , and Bash for npm test and npm run lint . Here’s the minimal allow list that covers that.” Step 4: Review the Proposed Allow List Don’t just copy-paste. Read through what’s being proposed. Ask yourself: - Does this match the scope of work I intend to give Claude? - Is anything too broad? e.g., unrestricted Bash when I only needed npm commands - Is anything missing that I’d want covered? The proposal is a starting point. You can narrow it further or tweak specific entries before applying it. Step 5: Apply the Allow List to Future Sessions Claude Code supports allow lists through the --allowedTools flag at startup or through a project-level configuration file .claude/settings.json or similar, depending on your version . Via CLI flag: claude --allowedTools "Read,Edit,Bash npm run " Via project config: { "allowedTools": "Read", "Edit", "Bash npm run " } The exact syntax may vary with Claude Code updates — check the Claude Code documentation https://docs.anthropic.com/en/docs/claude-code for the current format. Step 6: Iterate as Your Workflow Evolves Your allow list isn’t permanent. As you start new types of work — say, you’re now writing database migrations in addition to TypeScript refactoring — your session history will reflect new patterns. Run /fewer again after those sessions to update the list. Think of it as a living configuration that tracks how you actually use Claude Code over time. Common Patterns for Structuring Allow Lists Different workflows call for different allow lists. Here are a few patterns that work well. The Tight Code Review List For sessions focused on reading and suggesting edits without running anything: Read, Glob, Grep, Edit No Bash , no Write for new files, no web access. Claude can analyze and modify existing code but can’t run commands or create new files from scratch. The Test-and-Fix Loop For debugging workflows where you need Claude to run tests and fix failures: Read, Edit, Bash npm test , Bash npm run test: Claude can read code, make edits, and run tests — but Bash access is scoped to test commands only. The Documentation Sprint For generating or updating docs across a project: Read, Glob, Grep, Write, Edit Full read and write access, no Bash. Claude can find files, read them, and create or update documentation without executing anything. The Full Dev Session With Boundaries For longer build sessions where Claude needs broader access but you still want some guardrails: Read, Write, Edit, Glob, Grep, Bash npm , Bash git This covers most development tasks while keeping Bash scoped to npm and git commands rather than arbitrary shell execution. Troubleshooting: When /fewer Doesn’t Give You What You Expected The Suggestion Is Too Broad This usually means your approval session was too permissive. If you approved everything without thought, /fewer has no signal to narrow down from — it’ll suggest everything you approved. Fix: Run another session with more deliberate approvals. Deny anything you’d actually want to review case-by-case. The Suggestion Misses Tools You Need If you didn’t use a particular tool during the session, it won’t appear in the suggestion. /fewer can only propose what it observed. Fix: Either run a more comprehensive session that exercises all the capabilities you need, or manually add the missing tools to the allow list after the fact. The Allow List Breaks Your Workflow Later Session history is a snapshot. If you run a different kind of task with a narrow allow list, Claude will hit permission walls. Fix: Either expand the allow list for that session type, or maintain separate configurations per workflow type a test-and-fix config, a documentation config, etc. . Bash Scoping Gets Complicated Bash is the trickiest tool to scope because commands are strings, not structured calls. If you need precise Bash scoping — say, allow git commit but not git push — you may need to manually edit the allow list rather than relying on /fewer ’s automatic suggestion. When to Use /fewer vs. Other Permission Approaches /fewer isn’t always the right tool. Here’s when each approach makes more sense. | Situation | Best Approach | |---|---| | Quick one-off task in a trusted environment | Auto-approve | | Repeatable workflow you run regularly | /fewer + saved config | | Sensitive codebase, high-risk environment | Full interactive mode | | New workflow you haven’t run before | Interactive first, then /fewer | | Shared team environment with consistent tasks | Project-level .claude/settings.json | The key insight: /fewer is most valuable for workflows you run more than once. The upfront cost of a guided session pays off when you’re running the same type of task repeatedly and don’t want to approve the same actions every time. How MindStudio Complements Claude Code Workflows If you’re using Claude Code to build or maintain agents and automated workflows, there’s a natural pairing worth knowing about. MindStudio https://mindstudio.ai is a no-code platform for building and deploying AI agents — the kind of agents that Claude Code might be helping you build, test, or extend. Where Claude Code handles the development work reading files, running tests, refactoring code , MindStudio handles the runtime layer: what those agents actually do when they’re deployed. For teams that use Claude Code to develop automation logic and then deploy it via MindStudio, the Agent Skills Plugin https://mindstudio.ai is particularly relevant. It’s an npm SDK @mindstudio-ai/agent that lets AI agents — including those orchestrated by Claude Code — call MindStudio’s capabilities directly as typed method calls: agent.sendEmail , agent.searchGoogle , agent.runWorkflow . Claude Code can help you write and test that integration code; MindStudio handles the execution infrastructure. If you’re working with Claude Code on agentic projects, MindStudio’s 120+ typed capabilities and infrastructure handling rate limiting, retries, auth can simplify the development surface Claude Code is working against. You can try MindStudio free at mindstudio.ai https://mindstudio.ai . Frequently Asked Questions What is the /fewer permission prompt in Claude Code? /fewer is a slash command you run within an active Claude Code session. It scans the session history — specifically, which tools were called and which ones you approved — and generates a minimal allow list tailored to your actual usage patterns. The goal is to give you a permission set that auto-approves what you consistently use, without granting blanket access to everything. How is the /fewer allow list different from just turning on auto-approve? Auto-approve mode disables permission checks entirely. Claude can run any tool, execute any command, and take any action without asking. The allow list generated by /fewer is selective — it auto-approves specific, named tools or tool patterns while still prompting for anything outside that list. You get speed on the things you trust, with review still happening for everything else. Can I manually edit the allow list that /fewer generates? Yes. The output from /fewer is a configuration you apply — not something that takes effect automatically. Before saving it, you can remove tools that were too broadly scoped, add tools you know you’ll need that didn’t come up in that session, or narrow Bash access to specific command patterns. Think of /fewer ’s output as a well-informed draft, not a final answer. Does the allow list persist across sessions? Only if you save it to a configuration file. If you apply it as a --allowedTools flag at startup, it applies only for that session. For persistence, save the allow list to your project’s Claude configuration file typically .claude/settings.json . You can maintain different config files for different project types. Is it safe to include Bash in an allow list? It depends on how you scope it. Unrestricted Bash in an allow list is essentially the same risk as auto-approve mode for shell commands — Claude can run arbitrary commands without prompting. To reduce risk, scope Bash access to specific command prefixes e.g., Bash npm , Bash git rather than allowing all shell execution. The more specific the pattern, the smaller the attack surface. When should I re-run /fewer to update my allow list? Whenever your workflow changes in a meaningful way. If you start working on a different kind of task — new tooling, new file types, new command patterns — run a new guided session and run /fewer again to get an updated suggestion. Allow lists should reflect what you’re actually doing, not what you were doing three months ago. Key Takeaways - Claude Code’s permission system operates across a spectrum from full interactive approval to complete auto-approve — the allow list is the practical middle ground. - The /fewer prompt analyzes your session history to generate a minimal, evidence-based allow list rather than asking you to construct one from scratch. - The quality of the allow list depends on the quality of the session you run — work through a realistic, representative task before running /fewer . - Review the output before applying it: check for overly broad Bash access, missing tools, or scoping that doesn’t match your actual risk tolerance. - Save your allow lists to project-level config files for persistence, and update them as your workflow evolves. - For teams building and deploying AI agents, tools like MindStudio can handle the runtime infrastructure layer that Claude Code-assisted development produces.