Claude Code Launches Auto Mode: Long Tasks Without Repeated Approvals, Safer Than Dangerous Mode

Currently available as a research preview for Team plan users.

Author: Anthropic

Translation: Deep潮 TechFlow

Deep潮 Guide: Claude Code previously required manual approval at each step or used --dangerously-skip-permissions to completely bypass checks.

Auto Mode is a middle ground: AI autonomously determines whether each operation is safe, automatically intercepts dangerous actions, allowing long tasks to run hands-free.

Currently available as a research preview for Team plan users.

Full Text:

Claude Code’s Auto Mode

Today, we are launching Auto Mode—a new permission mode for Claude Code. In this mode, Claude makes permission decisions on your behalf and checks each operation through a safety mechanism before execution. Currently available as a research preview for Team plan users, it will be rolled out to Enterprise plan and API users in the coming days.

How it works

Claude Code’s default permission setting is deliberately conservative: each file write and bash command execution requires your manual approval. This is a safe default, but it means you can’t start a large task and walk away, as Claude will frequently ask for manual confirmation during the process. Some developers choose to use --dangerously-skip-permissions to bypass all permission checks, but doing so can be dangerous and destructive, and should not be used outside isolated environments.

Auto Mode is a middle path: it allows you to run longer tasks with fewer interruptions, with less risk than skipping all permissions. Before each tool call, a classifier reviews the operation to detect potential destructive actions, such as bulk file deletions, sensitive data leaks, or malicious code execution.

Operations deemed safe by the classifier are automatically executed, while risky actions are intercepted and Claude is guided to use alternative methods. If Claude insists on executing repeatedly intercepted operations, a permission prompt will eventually be triggered for the user.

Expected Usage

Compared to --dangerously-skip-permissions, Auto Mode reduces risk but does not eliminate it entirely. We still recommend using it in isolated environments. The classifier may still allow some risky operations—such as when user intent is ambiguous or Claude lacks sufficient context about your environment to assess potential risks. It may also occasionally block harmless actions. We will continue to improve this experience.

Auto Mode may have slight impacts on token consumption, cost, and latency for tool calls.

How to Get Started

Auto Mode is available today as a research preview for Claude Team users and will be rolled out to Enterprise and API users in the coming days. Supported versions include Claude Sonnet 4.6 and Opus 4.6.

Administrators: Auto Mode will soon be available to all Claude Code users on Enterprise, Team, and Claude API plans. To disable it in CLI and VS Code extensions, set “disableAutoMode”: “disable” in your managed settings. The Claude desktop app defaults to Auto Mode off but can be enabled via Organization Settings → Claude Code.

Developers: Run claude --enable-auto-mode to activate Auto Mode, then press Shift+Tab to switch to it. In desktop and VS Code extensions, enable Auto Mode in Settings → Claude Code, then select it from the permission mode dropdown in your session.

For more information, please refer to the documentation.