docs: add Claude Code approve mode permission routing documentation (#7949)

Signed-off-by: Rizel Scarlett <rizel@squareup.com>
Signed-off-by: Angie Jones <angie@Angies-MBP.lan>
Signed-off-by: Douwe Osinga <douwe@squareup.com>
Co-authored-by: Douwe Osinga <douwe@squareup.com>
Co-authored-by: Angie Jones <jones.angie@gmail.com>
Co-authored-by: Angie Jones <angie@Angies-MBP.lan>
This commit is contained in:
Rizel Scarlett
2026-03-20 08:31:39 -07:00
committed by GitHub
parent 645757d1ec
commit 8df8642660
2 changed files with 29 additions and 0 deletions
@@ -301,6 +301,21 @@ The following models are recognized and passed to the Claude CLI via the `--mode
| `approve` | `--permission-prompt-tool stdio` | Routes permission checks through the control protocol (prompts as needed) |
| `chat` | (none) | Default Claude Code behavior |
:::tip Approve Mode Integration
When using `approve` or `smart_approve` mode with Claude Code, goose routes Claude Code's permission prompts through goose's confirmation interface. This means:
- **Sensitive operations** (file writes, shell commands, etc.) trigger approval prompts in goose
- **You review and approve/deny** directly in the goose CLI or Desktop interface
- **Denied operations** are communicated back to Claude Code, which adapts accordingly
This provides a consistent permission experience across all goose providers while leveraging Claude Code's built-in safety checks.
Example with approve mode:
```bash
GOOSE_PROVIDER=claude-code GOOSE_MODE=approve goose session
```
:::
### Cursor Agent Configuration
| Environment Variable | Description | Default |
@@ -145,3 +145,17 @@ Here's how to configure:
Read/write approval makes best effort attempt at classifying read or write tools. This is interpreted by your LLM provider.
:::
## CLI Provider Permission Integration
When using [CLI providers](/docs/guides/cli-providers) like Claude Code, goose integrates with the provider's native permission system. In approve mode, permission requests from Claude Code are routed through goose's confirmation interface, giving you a unified experience.
For example, with Claude Code in approve mode:
- Claude Code detects sensitive operations (file writes, shell commands, tool calls)
- The permission prompt appears in goose's interface (CLI or Desktop)
- Your allow/deny decision is sent back to Claude Code
- Claude Code proceeds or adapts based on your response
This integration uses the same mechanism as the official Claude Agent SDKs, ensuring compatibility and consistent behavior.
See [CLI Providers - Claude Code Configuration](/docs/guides/cli-providers#claude-code-configuration) for setup details.