
Restrict Tool Access with --allowedTools

recombobulate @recombobulate · Mar 25, 2026 · Configuration

By default, Claude Code has access to a wide range of tools. When running automated tasks or scoped jobs, you can limit it to exactly the tools it needs.

claude --allowedTools "Read,Grep,Glob" \
  "Find all TODO comments in this codebase and summarise them"

The --allowedTools flag accepts a comma-separated list of tool names. This is useful for CI workflows where you want Claude to analyse code but never write or execute anything, or for any situation where you want to reduce the blast radius of an automated run.

# Read-only audit — Claude can look but not touch
claude --allowedTools "Read,Grep,Glob,WebFetch" \
  "Audit our npm dependencies for known vulnerabilities"

If you'd prefer to allow everything except a few specific tools, use the inverse flag, --disallowedTools:

# Allow everything except shell execution
claude --disallowedTools "Bash" \
  "Refactor the auth module"

This pattern is especially useful when you're piping Claude into scripts or sharing access with team members who should have read-only Claude sessions.
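
For scripted use, the tool list itself can be checked before the run starts. The wrapper below is an added example, not part of the original tip or of Claude Code: the READONLY_TOOLS policy and the function names are assumptions of this example, built from the tool names used above. It fails closed on empty, padded or pattern-style entries.

```shell
#!/bin/sh
# Policy for this example (an assumption): tools treated as read-only.
READONLY_TOOLS="Read Grep Glob WebFetch"

# Print every entry of a comma-separated tool list that is not an exact,
# purely alphabetic name from READONLY_TOOLS. Prints nothing if all pass.
rejected_tools() {
    old_ifs=$IFS
    IFS=,
    set -f                  # no globbing while splitting (entries may hold *)
    set -- $1
    set +f
    IFS=$old_ifs
    for tool in "$@"; do
        case $tool in
            # Empty fields, spaces, parentheses etc. are rejected outright.
            ''|*[!A-Za-z]*) printf '%s\n' "${tool:-<empty>}"; continue ;;
        esac
        case " $READONLY_TOOLS " in
            *" $tool "*) ;;
            *) printf '%s\n' "$tool" ;;
        esac
    done
}

# Succeed only for a non-empty list made up entirely of read-only tools.
tools_are_readonly() {
    [ -n "$1" ] && [ -z "$(rejected_tools "$1")" ]
}

# CI wrapper: refuse to start the run unless the list passes the check.
# usage: claude_readonly "Read,Grep,Glob" "prompt"
claude_readonly() {
    if ! tools_are_readonly "$1"; then
        echo "refusing to run, tool list is not read-only: ${1:-<empty>}" >&2
        rejected_tools "$1" >&2
        return 2
    fi
    claude --allowedTools "$1" "$2"
}
```

Source this file in the pipeline and call claude_readonly in place of a bare claude invocation, so a change that adds Bash to the list stops the job instead of widening what the run can do.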

Constraining Claude's tools makes automation more predictable and your environment more secure.
