You are working on a big refactor. Claude Code keeps asking: “Can I edit this file?” “Can I run this command?” “Can I delete this?” You say yes every time.
There is a flag that skips all of that.
It is called --dangerously-skip-permissions. Developers call it YOLO mode.
This article explains what it does, when it is safe, and when it can destroy your project.
What Is YOLO Mode?
YOLO mode is Claude Code running with no permission prompts. It executes everything — file edits, shell commands, deletions — without asking.
Enable it like this:
claude --dangerously-skip-permissions
Anthropic put the word “dangerously” in the flag name on purpose. You cannot accidentally enable it. You have to type the full flag every time.
What It Skips
When you run YOLO mode, Claude Code stops asking for approval before:
- Creating or editing any file
- Running any shell command
- Deleting files
- Making network requests
- Using any MCP tool
It runs end-to-end without stopping.
What It Does NOT Skip
In bypassPermissions mode, Claude Code skips all permission prompts. There are no automatic exceptions for specific directories — everything is accessible.
This is what makes it dangerous. Even your .git folder, config files, and system directories are within reach if Claude decides to touch them.
The Real Risk
In October 2025, a developer named Mike Wolak was working on a firmware project. He ran Claude Code with --dangerously-skip-permissions. Claude executed rm -rf starting from root (/).
Thousands of permission errors. Every user-owned file on the machine was deleted. Only Linux system file permissions prevented total destruction.
This is a real incident. It is documented in GitHub issue #10077 on the Claude Code repository.
When It Is Safe
YOLO mode is safe in one situation: inside an isolated environment.
# Inside a Docker container — safe (no host volume mount)
docker run -it --rm node:20 bash
# then inside the container:
claude --dangerously-skip-permissions
Safe use cases:
- Docker containers with no access to your host filesystem
- CI/CD pipelines with isolated runners
- Virtual machines that you can snapshot and restore
- Generating boilerplate for a new project before any real data exists
Unsafe use cases:
- Your laptop
- Any machine with important files
- Any machine connected to production systems
The Safer Alternative: Auto Mode
In March 2026, Anthropic released auto mode as a safer middle ground (currently in research preview for Teams users).
claude --permission-mode auto
Auto mode uses AI classifiers to detect dangerous actions and block them. Safe operations run without prompts. Dangerous operations still get blocked.
You can also configure it in .claude/settings.json:
{
"defaultMode": "auto"
}
For most workflows, auto mode gives you the speed of YOLO mode with actual safety rails.
All Permission Modes
| Mode | Behavior |
|---|---|
default | Prompts for every dangerous operation |
acceptEdits | Auto-accepts file edits, prompts for commands |
plan | Read-only — Claude cannot edit or run anything |
auto | AI classifies and blocks dangerous actions |
bypassPermissions | Skips everything (YOLO mode) |
Switch between modes during a session with Shift+Tab.
Fine-Grained Permissions (Better Than YOLO)
Instead of skipping everything, you can allow specific commands:
{
"permissions": {
"allow": [
"Bash(npm:run *)",
"Bash(git:commit *)",
"Bash(git:add *)"
],
"deny": [
"Bash(git:push *)",
"Bash(rm:*)"
]
}
}
This gives Claude Code the speed it needs for your workflow without opening the door to everything.
The Alias Some Developers Use
Some developers set up a shell alias for YOLO mode:
alias cc='claude --dangerously-skip-permissions'
This is fine inside a Docker container. On your main machine, it is a risk.
Summary
YOLO mode (--dangerously-skip-permissions) removes all permission prompts from Claude Code. It is useful in isolated environments for automated tasks. On your host machine, it can delete your files with no warning.
If you want fewer interruptions without the risk, use auto mode (--permission-mode auto) instead.