Use --dangerously-skip-permissions for Fully Unattended CI
By default, Claude Code will pause and ask for permission before running tools that could modify files or execute commands. That's great for interactive use, but it blocks fully automated pipelines where no one is watching.
The --dangerously-skip-permissions flag disables all permission prompts:
# Fully automated — no prompts, no human-in-the-loop
claude -p --dangerously-skip-permissions "Run the test suite and fix any failing tests"
This flag is only safe in sandboxed environments. Claude Code can and will modify files, run commands, and make network requests without asking. Use it exclusively in:
- Docker containers that are thrown away after the run
- Ephemeral GitHub Actions runners with no persistent state
- CI virtual machines that are rebuilt from scratch each time
Never use --dangerously-skip-permissions on your local machine or any environment where Claude can reach production systems, secrets, or data you care about.
For team CI pipelines, pair it with tight tool restrictions:
claude -p \
--dangerously-skip-permissions \
--allowedTools "Bash,Read" \
--max-turns 10 \
--max-budget-usd 2.00 \
"Run the linter and report any issues"
The --allowedTools flag limits which tools Claude can call, giving you a safer surface even with permissions skipped. Combined with --max-turns and --max-budget-usd, this pattern gives you full automation with meaningful guardrails.
Skip permissions only in sandboxes — and always combine with tool and budget limits.
Log in to leave a comment.
The autoUpdatesChannel setting pins Claude Code to a stable release track that skips versions with major regressions.
The language setting makes Claude respond in your preferred language by default, across every session and project.
The attribution setting lets you customize or completely remove Claude's Co-Authored-By trailer from git commits and pull requests.