A few weeks ago I set up Claude Code to run as a nightly cron job with zero manual intervention. The setup took about 10 minutes. What took longer was figuring out when NOT to use –dangerously-skip-permissions . The flag that enables headless mode: -p claude -p “your instruction” Claude executes the task and exits. No UI, no waiting for input. Works with scripts, CI/CD pipelines, and cron jobs. The example I have running in production: 0 3 * * * cd /app && claude -p “Review logs/staging.log from the last 24h. \ If there are new errors, create a GitHub issue with the stack trace. \ If it’s clean, print a summary.” \ –allowedTools “Read” “Bash(curl *)” “Bash(gh issue create *)” \ –max-turns 10 \ –max-budget-usd 0.50 \ –output-format json >> /var/log/claude-review.log 2>&1 The part most content online skips: permissions –dangerously-skip-permissions bypasses ALL confirmations. Claude can read, write, execute commands — anything — without asking. Most tutorials treat it as “the flag to stop the prompts.” That’s the wrong framing. The right approach is –allowedTools scoped to exactly what the task needs: Analysis only → –allowedTools “Read” “Glob” “Grep” Analysis + notifications → –allowedTools “Read” “Bash(curl *)” CI/CD with commits → –allowedTools “Edit” “Bash(git commit *)” “Bash(git push *)” –dangerously-skip-permissions makes sense in throwaway containers or isolated ephemeral VMs. Not on a server with production access. Two flags that prevent expensive surprises –max-turns 10 caps how many actions it can take. Without this, an uncontrolled loop runs indefinitely. –max-budget-usd 0.50 kills the run if it exceeds that spend. This is the real safety net — don’t rely on max-turns alone. Pipe input works too cat error.log | claude -p “explain these errors and suggest fixes” Plugs into existing pipelines without changing anything else. Also works with -c to continue from a previous session: claude -c -p “check if the last commit’s changes broke anything” Why this beats a traditional script A script checks conditions you defined upfront. Claude reasons about context you didn’t anticipate. The same log review cron job handles error patterns you’ve never seen before — no need to update regex rules or condition lists. Anyone else running this in CI/CD or as scheduled tasks? Curious what you’re automating. submitted by /u/NefariousnessHappy66
Originally posted by u/NefariousnessHappy66 on r/ClaudeCode