Claude Code bypassPermissions prompts on .claude, .git

Hot take: this looks more like a breaking safety-policy change than a classic security exploit, but it matters because it rewrites what the mode name promises.

• –The core complaint is about permission enforcement, not code execution or data theft.
• –Anthropic appears to be intentionally exempting sensitive paths from full bypass behavior.
• –The lack of an override flag makes the change painful for advanced users who want the old workflow.
• –If you depend on Claude Code automation, version pinning and permission regression tests are now prudent.