Level 6: Trust & Safety
Lesson 6 · +10 XP

Allowlist the boring stuff

After a few sessions, you notice a pattern: you’ve approved ls forty times this week. You’ve approved git status thirty. You’ve approved pwd so many times you’re not even reading them anymore.

That’s a problem. Not because the prompts are slow — but because when you stop reading the boring ones, you stop reading the important ones too.

What an allowlist is

The fix isn’t to widen the mode. It’s to allowlist specific commands — tell Claude, in settings, “you may run these without ever asking.” Everything else still goes through the loop.

A good allowlist makes the prompts you do see impossible to ignore.

Once ls, pwd, git status, git diff, and a handful of others are on your list, the prompts that fire are all the ones that actually matter. The signal-to-noise of the whole experience flips.

What belongs

The litmus test: would I have run this exact command myself, without thinking? If yes, it’s a candidate. If you’d hesitate even for half a second, leave it off.

Good candidates:

  • Read-only filesystem stuff: ls, pwd, cat, head, find.
  • Read-only git: git status, git diff, git log, git branch.
  • Read-only language tools: npm list, python --version, node --version.

Bad candidates — keep these on the prompt:

  • Anything that writes: rm, mv, cp -r, touch in directories that matter.
  • Anything that runs your code in a way that could touch real systems — npm start in prod, anything with a database URL in front of it.
  • Anything that hits the network: curl, git push, npm publish.
  • Anything you only learned about yesterday — give it a few weeks of seeing it in prompts before letting it through.

A tiny example

You’ll see exactly how to write this list down in Level 9 (“Make Claude yours”) — that’s where settings.json lives. But the shape is roughly:

{
  "permissions": {
    "allow": [
      "Bash(ls:*)",
      "Bash(pwd)",
      "Bash(git status:*)",
      "Bash(git diff:*)"
    ]
  }
}

The point isn’t the exact syntax. The point is: you have control, at a granularity finer than “mode.” Use it.
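One way to check an allow list of the shape above against the "Good candidates" and "Bad candidates" lists, as an added example (not part of the lesson or of Claude Code). The function names, the verdict labels and the last three sample rules are assumptions made for illustration.

```python
import json
import re

# Command lists taken from the lesson's "Good candidates" and "Bad candidates".
READ_ONLY = ["ls", "pwd", "cat", "head", "find",
             "git status", "git diff", "git log", "git branch",
             "npm list", "python --version", "node --version"]
KEEP_ON_PROMPT = ["rm", "mv", "cp -r", "touch", "npm start",
                  "curl", "git push", "npm publish"]

# Rule shapes shown in the lesson: Bash(cmd) is exact, Bash(cmd:*) is a prefix.
RULE = re.compile(r"^Bash\((?P<cmd>.+?)(?P<wild>:\*)?\)$")


def has_prefix(tokens, prefix):
    return tokens[:len(prefix)] == prefix


def classify(rule):
    """Return 'read-only', 'keep-on-prompt', 'unreviewed' or 'unknown-format'."""
    m = RULE.match(rule)
    if not m:
        return "unknown-format"
    cmd, wild = m["cmd"].split(), m["wild"] is not None
    for risky in (r.split() for r in KEEP_ON_PROMPT):
        # Flag a rule that names a risky command, or a prefix rule broad
        # enough to cover one (Bash(git:*) also admits "git push").
        if has_prefix(cmd, risky) or (wild and has_prefix(risky, cmd)):
            return "keep-on-prompt"
    if any(has_prefix(cmd, ok.split()) for ok in READ_ONLY):
        return "read-only"
    return "unreviewed"  # not on either list: leave it on the prompt for now


def audit(settings_text):
    allow = json.loads(settings_text).get("permissions", {}).get("allow", [])
    return {rule: classify(rule) for rule in allow}


# Constructed sample: the lesson's four rules plus three hypothetical additions.
SAMPLE = json.dumps({"permissions": {"allow": [
    "Bash(ls:*)", "Bash(pwd)", "Bash(git status:*)", "Bash(git diff:*)",
    "Bash(git:*)", "Bash(curl:*)", "Bash(docker ps:*)"]}})

if __name__ == "__main__":
    for rule, verdict in audit(SAMPLE).items():
        print(f"{verdict:15} {rule}")
```

A "read-only" verdict covers the command name only: a `:*` rule admits every argument, so `Bash(find:*)` also permits find with -delete or -exec.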

The discipline

Add to the list slowly. One command at a time, after you’ve seen it in prompts enough to know it’s safe in all the directories you ever run it from. The allowlist is a long-term piece of your relationship with Claude — it’s worth a few seconds of consideration each time you grow it.

What’s next

The prompts and the allowlist control what happens inside a project. The next lesson is about a decision that happens earlier than any prompt: whether you should be letting Claude into this folder in the first place.