Pushary

What --dangerously-skip-permissions
actually does.

claude --dangerously-skip-permissions makes Claude Code run every tool call, bash, file writes, deletes, without asking for approval. People use it for unattended or overnight runs so the agent never blocks on a prompt.

The risk is that a wrong or injected command runs with no human gate. The safer pattern is to keep the agent moving but route approvals to your phone.

The flag

claude --dangerously-skip-permissions

Runs every tool call without a prompt for the whole session.

99,9%Zugestellt
Hacker NewsAuf Hacker News vorgestellt
3-4xvs E-Mail

What the flag actually does

It is not a lighter prompt or a smart allowlist. It removes the approval step for every tool for the rest of the session.

Skips every PreToolUse prompt

Bash commands, file writes, edits, and deletes all run without asking. Claude Code stops surfacing the approval prompt entirely for the session.

No per-tool gate

There is no allowlist and no exception. Once the flag is set, a wrong command runs the same as a correct one, with no chance to stop it first.

Same idea in other agents

Codex has --full-auto and a bypass sandbox mode, Cursor calls it YOLO mode, and Gemini CLI has --yolo. Each removes the approval step in its own way.

Why people use it, and the real risk

The flag solves a real problem. It also removes the one safeguard that stops a bad command before it runs.

Why people reach for it
You want the agent to keep moving on a long refactor without stopping to ask on every command.
You are running overnight or unattended and cannot sit at the terminal to tap approve.
You are inside a throwaway container or VM where a bad command cannot reach anything you care about.
What you give up
A wrong or hallucinated command runs with no human gate. rm on the wrong path, a force push, a bad migration.
Prompt injection from a file, web page, or dependency can steer the agent into a command you never intended.
There is no record of what ran or why. When something breaks, you have no audit trail to reconstruct it.

Three ways to run an agent

Full skip keeps the agent moving but drops the gate. Babysitting keeps the gate but pins you to the keyboard. A phone gate keeps both.

ApproachAgent keeps movingDestructive actions gatedAway from the keyboardAudit trail
Full skip (--dangerously-skip-permissions)
Babysit the terminal
Pushary phone-gate

The safer alternative

Pushary keeps a human gate on the risky tools through a PreToolUse hook. The agent runs on its own, but a destructive bash command, a delete, or an edit outside the allowlist is held. A push notification goes to your phone, you approve or deny in one tap from your lock screen, and every decision is logged. You keep the unattended flow of the skip flag without dropping the gate.

Skip permissions questions

What does --dangerously-skip-permissions do?

It tells Claude Code to run every tool call without asking for approval. Bash commands, file writes, edits, and deletes all execute immediately. The flag turns off the PreToolUse approval prompt for the whole session, which is why people use it for unattended or overnight runs.

Is --dangerously-skip-permissions safe?

It is only as safe as the environment you run it in. Inside a throwaway container or VM with nothing valuable to reach, the blast radius is small. On your real machine or with repo write access, a single wrong or injected command can delete files, force push, or run a bad migration with no chance to stop it. The safer pattern is to keep a human gate on the risky tools instead of removing all of them.

How do I skip permissions in Codex, Cursor, or Gemini?

Each agent has its own bypass. Codex uses --full-auto and a bypass sandbox mode, Cursor calls it YOLO mode in settings, and Gemini CLI takes --yolo. They all remove the approval step the same way Claude Code does. Pushary gates all of them through a PreToolUse hook, so you get one policy across agents instead of an all-or-nothing flag per tool.

How do I run Claude Code unattended without skipping every permission?

Add Pushary's PreToolUse hook. The agent keeps running on its own, but risky tool calls are held and a push notification goes to your phone. You approve or deny in one tap from your lock screen, and every decision is logged. You get the unattended flow of the skip flag without giving up the human gate.

Run unattended without skipping every permission.

Keep the agent moving, gate the risky calls, approve from your phone. Set up in two minutes.