← Back to all tutorials
Claude CodeEpisode 4

Tools & Permissions

Learn about Claude Code's built-in tools — file editing, command execution, and web search — and how the permission system keeps you in control.

Claude Code's Toolbox

Claude Code isn't just a chatbot — it has access to real development tools that let it take action in your project. Understanding these tools helps you write better prompts and know what Claude can and can't do.

Available Tools

📂 File Operations

Claude can read and write files in your project:

  • Read — View any file's contents to understand your code
  • Write — Create new files or completely rewrite existing ones
  • Edit — Make targeted changes to specific parts of a file
  • Search (Grep) — Find patterns across your entire codebase
  • List directory — Explore your project structure

💻 Bash Command Execution

Claude can run shell commands in your terminal:

# Examples of commands Claude might run:
npm install express          # Install dependencies
npm run test                 # Run your test suite
git status                   # Check Git state
grep -r "TODO" src/          # Search for patterns
cat package.json             # Read config files
curl https://api.example.com # Make HTTP requests

🌐 Web Search

Claude can search the web for documentation, solutions, and best practices when it needs information it doesn't already know.

The Permission System

Claude Code has a three-tier permission model to keep you in control:

1. Allow — Approve and Apply

For every tool use, Claude asks for your permission before acting. You see exactly what it wants to do:

Claude wants to edit src/api/users.ts:
  Line 24: - const users = await db.query("SELECT * FROM users");
  Line 24: + const users = await db.query("SELECT * FROM users LIMIT 100");

  Allow? (y/n)

2. Always Allow a Tool

If you trust Claude with certain operations, you can allow them automatically for the session:

# When prompted, choose "Always allow" for:
# - File reads (low risk)
# - Grep/search operations (read-only)
# - List directory (read-only)

3. Deny — Reject the Action

If Claude proposes something you don't want, simply reject it and provide alternative instructions.

Permission Modes

Claude Code offers different trust levels you can configure:

# Default mode — asks permission for everything
claude

# Allow all file edits automatically
claude --allowedTools "Edit,Write"

# Dangerously skip all permissions (use with caution!)
claude --dangerously-skip-permissions
⚠️ Warning: The --dangerously-skip-permissions flag should only be used in sandboxed environments like Docker containers or CI pipelines — never on your main development machine.

Understanding Tool Use Indicators

When Claude uses a tool, you see clear indicators in the terminal:

📂 Reading file: src/components/Header.tsx
🔍 Searching: grep -r "useState" src/
💻 Running: npm run test
✏️  Editing: src/api/users/route.ts
🌐 Searching web: "Next.js 14 server actions best practices"

Configuring Allowed Tools

You can configure which tools Claude is pre-authorized to use in your project's settings or CLAUDE.md. This is useful for CI/CD pipelines or headless environments where no human is present to approve actions.

Best Practices

  • Review diffs carefully — Always read the proposed changes before accepting
  • Allow read operations freely — File reads and searches are safe
  • Be cautious with shell commands — Especially commands that modify files or install packages
  • Use Git as a safety net — Commit before asking Claude to make large changes so you can revert if needed

What's Next

In the next episode, we'll explore Planning & Thinking — how to use extended thinking mode and planning prompts to tackle complex, multi-step tasks.

Claude CodeAICoding AgentCLIAnthropic