Anyone else hitting this after updating to 2.1.78? I build skills and agents all day. My entire workflow lives inside .claude/skills/ and .claude/agents/. I run claude --dangerously-skip-permissions specifically so I don’t have to babysit every file edit. As of 2.1.78, every single edit to any file inside .claude/ now triggers a permission prompt, even in bypass mode. The changelog calls it a fix: “Fixed .git, .claude, and other protected directories being writable without a prompt in bypassPermissions mode” That wasn’t a bug. That was the feature working as intended for people who chose to accept the risk. To make it worse, 2.1.77 also patched PreToolUse hooks from returning allow to bypass permission rules. So you can’t even write a hook to auto-approve. They closed both doors. What I’ve tried (none of it works): –dangerously-skip-permissions flag
- permissions.defaultMode: “bypassPermissions” in settings.json
- Explicit allow rules for Edit, Write, Read, Bash(*), etc.
- PreToolUse hook that returns {“decision”: “allow”} — errors out and gets ignored
- Shift+Tab (“allow all edits this session”) — resets after compaction Is anyone aware of a workaround? Or is this something we need to push back on in GitHub issues? I get protecting .git/ from accidental writes, but .claude/skills/ is where the actual work happens for framework developers. There should be an opt-out. Relevant GitHub issue: https://github.com/anthropics/claude-code/issues/25503 CHANGELOG: https://github.com/anthropics/claude-code/blob/main/CHANGELOG.md (see 2.1.77 and 2.1.78 entries) submitted by /u/Similar-Anybody2983
Originally posted by u/Similar-Anybody2983 on r/ClaudeCode