Claude Code Integration: Configure Permissions to Run Pipeline | AI App Factory Tutorial
What You'll Learn
- Configure Claude Code security permissions without using
--dangerously-skip-permissions - Understand the permission whitelist automatically generated by Factory
- Execute the complete 7-stage pipeline in Claude Code
- Master cross-platform permission configuration (Windows/macOS/Linux)
The Problem
When using Factory for the first time, you may encounter:
- Permission blocked: Claude Code prompts "no permission to read file"
- Using dangerous parameters: Forced to add
--dangerously-skip-permissionsto bypass security checks - Manual configuration hassle: Unsure which operations should be allowed
- Cross-platform issues: Inconsistent path permissions between Windows and Unix
Actually, Factory will automatically generate complete permission configurations. You just need to use them correctly.
When to Use This
When you need to run Factory pipelines in Claude Code:
- After using
factory initto initialize a project (auto-starts) - When using
factory runto continue the pipeline - When manually launching Claude Code
Why recommend Claude Code?
Claude Code is Anthropic's official AI programming assistant, deeply integrated with Factory's permission system. Compared to other AI assistants, Claude Code's permission management is more precise and more secure.
Core Concepts
Factory's permission configuration uses a whitelist mechanism: only explicitly allowed operations are permitted; everything else is prohibited.
Permission Whitelist Categories
| Category | Allowed Operations | Purpose |
|---|---|---|
| File Operations | Read/Write/Edit/Glob | Read and modify project files |
| Git Operations | git add/commit/push etc. | Version control |
| Directory Operations | ls/cd/tree/pwd | Browse directory structure |
| Build Tools | npm/yarn/pnpm | Install dependencies, run scripts |
| TypeScript | tsc/npx tsc | Type checking |
| Database | npx prisma | Database migration and management |
| Python | python/pip | UI design system |
| Testing | vitest/jest/test | Run tests |
| Factory CLI | factory init/run/continue | Pipeline commands |
| Docker | docker compose | Containerized deployment |
| Web Operations | WebFetch(domain:...) | Fetch API documentation |
| Skills | superpowers/ui-ux-pro-max | Plugin skills |
Why not use --dangerously-skip-permissions?
| Method | Security | Recommended |
|---|---|---|
--dangerously-skip-permissions | ❌ Allows Claude to perform any operation (including deleting files) | Not recommended |
| Whitelist configuration | ✅ Only allows explicit operations, prompts error for overreach | Recommended |
While whitelist configuration is initially complex to set up, once generated it's automatically reused and more secure.
🎒 Prerequisites
Before starting, please confirm:
- [x] Completed Installation and Configuration (start/installation/)
- [x] Completed Initialize Factory Project (start/init-project/)
- [x] Installed Claude Code: https://claude.ai/code
- [x] Project directory initialized (
.factory/directory exists)
Check if Claude Code is installed
Run the following command in terminal to confirm:
claude --versionIf prompted "command not found", please install Claude Code first.
Follow Along
Step 1: Initialize Project (Auto-generate Permissions)
Why: factory init will automatically generate .claude/settings.local.json, containing the complete permission whitelist.
Run in project directory:
# Create new directory and enter
mkdir my-factory-project && cd my-factory-project
# Initialize Factory project
factory initYou should see:
✓ Factory project initialized!
✓ Claude Code is starting...
(Please wait for window to open)Claude Code window will automatically open and display the following prompt:
Please read .factory/pipeline.yaml and .factory/agents/orchestrator.checkpoint.md,
start the pipeline, help me transform product idea fragments into a runnable application,
next I will input idea fragments. Note: The skills/ and policies/ files
referenced by Agent need to first search the .factory/ directory, then search the root directory.What happened:
- Created
.factory/directory, containing pipeline configuration - Generated
.claude/settings.local.json(permission whitelist) - Automatically launched Claude Code and passed startup prompt
Step 2: Verify Permission Configuration
Why: Confirm the permission file has been correctly generated to avoid runtime permission issues.
Check the generated permission file:
# View permission file content
cat .claude/settings.local.jsonYou should see (partial content):
{
"permissions": {
"allow": [
"Read(/path/to/project/**)",
"Write(/path/to/project/**)",
"Glob(/path/to/project/**)",
"Bash(git add:*)",
"Bash(git commit:*)",
"Bash(npm install:*)",
"Bash(npx prisma generate:*)",
"Skill(superpowers:brainstorming)",
"Skill(ui-ux-pro-max)",
"WebFetch(domain:github.com)",
"WebFetch(domain:npmjs.org)"
]
},
"features": {
"autoSave": true,
"telemetry": false
}
}Path explanation
Paths in permissions are automatically adjusted based on your operating system:
- Windows:
Read(//c/Users/...)(both lowercase and uppercase drive letters supported) - macOS/Linux:
Read(/Users/...)(absolute path)
Step 3: Start Pipeline in Claude Code
Why: Claude Code has configured permissions and can directly read Agent definitions and Skill files.
In the opened Claude Code window, input your product idea:
I want to create a mobile expense tracking app to help young people quickly record daily expenses,
avoid overspending at the end of the month. Main features are recording amount, selecting categories (food, transport, entertainment, other),
viewing this month's total expenses.You should see:
Claude Code will execute the following steps (automatically):
- Read
.factory/pipeline.yaml - Read
.factory/agents/orchestrator.checkpoint.md - Start Bootstrap phase, structuring your idea into
input/idea.md - Pause after completion, waiting for your confirmation
Checkpoint ✅: Confirm Bootstrap phase completed
# View generated structured idea
cat input/idea.mdStep 4: Continue Pipeline
Why: After each phase completes, manual confirmation is required to avoid error accumulation.
In Claude Code, reply:
ContinueClaude Code will automatically enter the next phase (PRD), and repeat the "execute → pause → confirm" process until all 7 phases are completed.
Use factory run to restart
If the Claude Code window is closed, you can run in terminal:
factory runThis will redisplay the Claude Code execution instructions.
Step 5: Cross-platform Permission Handling (Windows Users)
Why: Windows path permissions require special handling to ensure Claude Code can correctly access project files.
If you're using Windows, factory init will automatically generate permissions supporting drive letters:
{
"permissions": {
"allow": [
"Read(//c/Users/yourname/project/**)",
"Read(//C/Users/yourname/project/**)",
"Write(//c/Users/yourname/project/**)",
"Write(//C/Users/yourname/project/**)"
]
}
}Checkpoint ✅: Windows users verify permissions
# PowerShell
Get-Content .claude\settings.local.json | Select-String -Pattern "Read|Write"If you see both //c/ and //C/ path formats, it's correctly configured.
Checkpoint ✅
After completing the above steps, you should be able to:
- [x] Find the
.claude/settings.local.jsonfile - [x] See the complete permission whitelist (including Read/Write/Bash/Skill/WebFetch)
- [x] Successfully start the Bootstrap phase in Claude Code
- [x] View
input/idea.mdto confirm idea has been structured - [x] Continue executing the pipeline to the next phase
If you encounter permission errors, please see the "Troubleshooting" section below.
Troubleshooting
Problem 1: Permission Blocked
Error message:
Permission denied: Read(path/to/file)Causes:
- Permission file generation failed or path is incorrect
- Claude Code is using old permission cache
Solutions:
- Check if permission file exists:
ls -la .claude/settings.local.json- Regenerate permissions:
# Delete old permission file
rm .claude/settings.local.json
# Re-initialize (will regenerate)
factory init --force- Restart Claude Code to clear cache.
Problem 2: --dangerously-skip-permissions Warning
Error message:
Using --dangerously-skip-permissions is not recommended.Causes:
.claude/settings.local.jsonnot found- Permission file format error
Solutions:
Check permission file format (JSON syntax):
# Verify JSON format
python -m json.tool .claude/settings.local.jsonIf prompted with syntax error, delete the file and rerun factory init.
Problem 3: Windows Path Permissions Not Working
Error message:
Permission denied: Read(C:\Users\yourname\project\file.js)Causes:
- Drive letter path missing in permission configuration
- Incorrect path format (Windows needs to use
//c/format)
Solutions:
Manually edit .claude\settings.local.json, add drive letter paths:
{
"permissions": {
"allow": [
"Read(//c/Users/yourname/project/**)",
"Write(//c/Users/yourname/project/**)"
]
}
}Note that both drive letter cases must be supported (//c/ and //C/).
Problem 4: Skills Permission Blocked
Error message:
Permission denied: Skill(superpowers:brainstorming)Causes:
- Required Claude Code plugins not installed (superpowers, ui-ux-pro-max)
- Plugin version incompatibility
Solutions:
- Add plugin marketplace:
# Add superpowers plugin marketplace
claude plugin marketplace add obra/superpowers-marketplace- Install superpowers plugin:
claude plugin install superpowers@superpowers-marketplace- Add ui-ux-pro-max plugin marketplace:
claude plugin marketplace add nextlevelbuilder/ui-ux-pro-max-skill- Install ui-ux-pro-max plugin:
claude plugin install ui-ux-pro-max@ui-ux-pro-max-skill- Rerun the pipeline.
Factory will automatically try to install plugins
The factory init command will automatically try to install these plugins. If it fails, please install manually.
Summary
- Permission whitelist is more secure than
--dangerously-skip-permissions factory initautomatically generates.claude/settings.local.json- Permission configuration includes file operations, Git, build tools, database, web operations and other categories
- Cross-platform support: Windows uses
//c/paths, Unix uses absolute paths - Manual plugin installation: If automatic installation fails, you need to manually install superpowers and ui-ux-pro-max in Claude Code
Next Up
In the next lesson, we'll learn OpenCode and Other AI Assistants.
You will learn:
- How to run Factory pipelines in OpenCode
- Integration methods for other AI assistants like Cursor, GitHub Copilot
- Permission configuration differences for different assistants
Appendix: Source Code Reference
Click to expand source code locations
Last updated: 2026-01-29
| Function | File Path | Lines |
|---|---|---|
| Permission configuration generation | cli/utils/claude-settings.js | 1-292 |
| Auto-launch Claude Code | cli/commands/init.js | 119-147 |
| AI assistant detection | cli/commands/run.js | 105-124 |
| Claude Code instruction generation | cli/commands/run.js | 138-156 |
| Cross-platform path handling | cli/utils/claude-settings.js | 14-67 |
Key functions:
generatePermissions(projectDir): Generate complete permission whitelist, including Read/Write/Bash/Skill/WebFetch operationsgenerateClaudeSettings(projectDir): Generate and write.claude/settings.local.jsonfilelaunchClaudeCode(projectDir): Launch Claude Code window and pass startup promptdetectAIAssistant(): Detect currently running AI assistant type (Claude Code/Cursor/OpenCode)
Key constants:
- Windows path pattern:
Read(//c/**),Write(//c/**)(supports lowercase and uppercase drive letters) - Unix path pattern:
Read(/path/to/project/**),Write(/path/to/project/**) - Skills permissions:
'Skill(superpowers:brainstorming)','Skill(ui-ux-pro-max)'
Permission whitelist categories:
- File operations: Read/Write/Glob (supports wildcards)
- Git operations: git add/commit/push/pull etc. (complete Git command set)
- Build tools: npm/yarn/pnpm install/build/test/dev
- TypeScript: tsc/npx tsc/npx type-check
- Database: npx prisma validate/generate/migrate/push
- Python: python/pip install (for ui-ux-pro-max)
- Testing: vitest/jest/test
- Factory CLI: factory init/run/continue/status/reset
- Docker: docker compose/ps/build/run
- Web operations: WebFetch(domain:github.com) etc. (specified domain whitelist)