Claude Code auto mode:一种更安全跳过权限的方式
By default, Claude Code asks users for approval before running commands or modifying files. This keeps users safe, but it also means a lot of clicking "approve." Over time that leads to approval fatigue, where people stop paying close attention to what they're approving.
默认情况下,Claude Code 在运行命令或修改文件之前会向用户征求批准。这保持了用户的安全,但也意味着需要大量点击 "approve"。随着时间的推移,这会导致批准疲劳,人们不再密切注意他们批准的内容。
Users have two solutions for avoiding this fatigue: a built-in sandbox where tools are isolated to prevent dangerous actions, or the --dangerously-skip-permissions flag that disables all permission prompts and lets Claude act freely, which is unsafe in most situations. Figure 1 lays out the tradeoff space. Sandboxing is safe but high-maintenance: each new capability needs configuring, and anything requiring network or host access breaks isolation. Bypassing permissions is zero-maintenance but offers no protection. Manual prompts sit in the middle, and in practice users accept 93% of them anyway.
用户有两种解决方案来避免这种疲劳:内置沙箱,其中工具被隔离以防止危险操作,或者 --dangerously-skip-permissions 标志,它禁用所有权限提示,让 Claude 自由行动,这在大多数情况下是不安全的。Figure 1 展示了权衡空间。沙箱化是安全的但维护成本高:每个新功能都需要配置,任何需要网络或主机访问的东西都会破坏隔离。绕过权限是零维护但不提供保护。手动提示处于中间,在实践中用户反正接受了 93% 的提示。
Figure 1. The permission modes available in Claude Code, positioned by task autonomy and security . Dot colour indicates maintenance friction. Auto mode targets high autonomy at low maintenance cost; the dashed arrow shows security improvement over time as classifier coverage and model judgment get better.
Figure 1. Claude Code 中可用的权限模式,按任务自主性和安全性定位。点颜色表示维护摩擦。Auto 模式针对低维护成本的高自主性;虚线箭头显示随着分类器覆盖率和模型判断的改善,安全性随时间改进。
We keep an internal incident log focused on agentic misbehaviors. Past examples include deleting remote git branches from a misinterpreted instruction, uploading an engineer's GitHub auth token to an internal compute cluster, and attempting migrations against a production database. Each of these was the result of the model being overeager, taking initiative in a way the user didn't intend. We documented this pattern in the Claud...