Budding
Planted January 20, 2026
Tended June 11, 2026 9 min read
Coding Agent Cheat Codes
CLI flags, environment variables, and proxy tricks for agentic engineering (or vibe coding, whatever you call it)
You know how old video games had cheat codes? ↑↑↓↓←→←→BA and suddenly you’re invincible?
Claude Code has its own version. CLI flags for granular permissions, undocumented environment variables that unlock hidden behaviors, and proxy configurations that let you route through different backends.
Some of this is documented (the CLI flags). Most of it isn’t. You’re welcome.
God mode: permission bypasses
For authorized pen-testing and CI/CD pipelines where you need to skip the permission prompts:
claude --permission-mode bypassPermissions # Auto-accept everything (CI/CD, sandboxes)
claude --permission-mode acceptEdits # Auto-accept file edits, ask for the rest
claude --permission-mode plan # Read-only analysis, no modifications
claude --permission-mode dontAsk # Deny anything not pre-allowed
export IS_SANDBOX=1 # Sandbox environment flag - relaxes some permission checksOr make a mode the default in .claude/settings.json:
{ "permissions": { "defaultMode": "acceptEdits" } }Correction, June 2026: an earlier version of this post documented
CLAUDE_CODE_ACTION="bypassPermissions" as a permission env var. It never was one. The real levers are --permission-mode and permissions.defaultMode.
These are meant for controlled environments. Don’t run
bypassPermissions on your production machine unless you enjoy chaos.
CLI flags
These are the flags you pass directly to the claude command.
Permission & tool control
# Granular tool permissions (the smart way)
claude --allowedTools "Bash(git *)" "Bash(npm *)" "Write" "Read"
# Block specific dangerous tools
claude --disallowedTools "Bash(rm:*)" "Bash(sudo:*)"
# YOLO mode - skip ALL permission prompts
claude --dangerously-skip-permissions
# Set permission mode at startup
claude --permission-mode <mode> # default | acceptEdits | plan | auto | dontAsk | bypassPermissionsPattern matching works too:
Write(src/**)- Allow writes only in src/Bash(git *)- Allow git commandsBash(npm test)- Allow only npm test
Model selection
claude --model fable # Fable 5 (alias)
claude --model opus # Use Opus
claude --model sonnet # Use Sonnet
claude --model claude-fable-5 # Full model name
claude --fallback-model sonnet,haiku # Fallbacks in order when overloaded (print mode)Session management
claude -c # Continue most recent conversation
claude -r "session-name" # Resume specific session by name/ID
claude -n "auth-refactor" # Name the session (shows in the /resume picker)
claude --from-pr 123 # Resume the session linked to a PR
claude --session-id <uuid> # Use specific session ID
claude -c --fork-session # Fork last session into new branch
claude -r "session" --fork-session # Fork specific session into new branch
claude -w feature-x # New git worktree for this session
claude --no-session-persistence # Don't save session (print mode)--fork-session creates a new session ID from the resumed point, leaving the original untouched. Like git branching for conversations.
System prompts
# Replace entire system prompt
claude --system-prompt "You are a Python expert"
claude --system-prompt-file ./my-prompt.txt
# Append to default prompt (keeps Claude Code behavior)
claude --append-system-prompt "Always use TypeScript"
claude --append-system-prompt-file ./extra-instructions.txtOutput formats (print mode)
claude -p "query" --output-format text # Plain text (default)
claude -p "query" --output-format json # JSON output
claude -p "query" --output-format stream-json # Streaming JSON
# Get validated JSON matching a schema
claude -p "query" --json-schema '{"type": "object", ...}'Limits & budgets
claude --max-budget-usd 5.00 # Cap spending at $5 (print mode)
claude --effort max # Effort level: low/medium/high/xhigh/maxDirectories & config
claude --add-dir /path/to/other/project # Add extra working directories
claude --settings ./my-settings.json # Custom settings file
claude --mcp-config ./mcp-servers.json # Load MCP servers from file
claude --strict-mcp-config # Only use specified MCP serversDebugging
claude --debug # Debug mode
claude --verbose # Full turn-by-turn output
claude -v # Show version
claude --safe-mode # Disable ALL customizations (broken-config rescue)
claude --bare # Minimal mode: no hooks, plugins, or CLAUDE.md discoveryIDE & browser
claude --ide # Auto-connect to IDE on startup
claude --chrome # Enable Chrome integration
claude --no-chrome # Disable Chrome integrationCustom agents (advanced)
claude --agents '{
"code-reviewer": {
"description": "Expert code reviewer",
"prompt": "You are a senior code reviewer...",
"tools": ["Read", "Edit", "Bash"],
"model": "sonnet"
}
}'Web sessions
claude --remote-control # Start a session you can drive from claude.ai or your phoneThe old --remote / --teleport pair folded into --remote-control somewhere along the way. If a flag in this post stops working, check the living references at the bottom.
The banner hack
Tired of seeing your name and account info every time you launch Claude Code?
export IS_DEMO=1 # Hides identity from welcome bannerUseful for screen recordings, pair programming, or just not wanting your email displayed constantly.
Proxy your requests
Want to route Claude Code through a different API endpoint? Maybe you’re using a proxy service, a custom gateway, or want to experiment with compatible models.
Custom API endpoint
export ANTHROPIC_BASE_URL="https://your-proxy-endpoint.com/api/anthropic"
export ANTHROPIC_AUTH_TOKEN="your-api-key"
export ANTHROPIC_MODEL="your-model-name"Local models with Ollama
Run Claude Code against local models:
export ANTHROPIC_AUTH_TOKEN=ollama
export ANTHROPIC_BASE_URL=http://localhost:11434The same pattern reaches hosted endpoints: point ANTHROPIC_BASE_URL at any Anthropic-compatible API and pass its key as ANTHROPIC_AUTH_TOKEN.
Authentication & API configuration
ANTHROPIC_API_KEY # Primary API key for Claude
ANTHROPIC_AUTH_TOKEN # Alternative auth token
ANTHROPIC_BASE_URL # Custom endpoint (proxies, gateways)
ANTHROPIC_BETAS # Comma-separated beta features to enable
ANTHROPIC_CUSTOM_HEADERS # Custom HTTP headers (JSON format)
CLAUDE_CODE_OAUTH_TOKEN # OAuth token for authenticationAWS Bedrock
CLAUDE_CODE_USE_BEDROCK=1 # Use AWS Bedrock instead of direct API
AWS_ACCESS_KEY_ID # AWS access key
AWS_SECRET_ACCESS_KEY # AWS secret key
AWS_SESSION_TOKEN # For temporary credentials
AWS_REGION # AWS region for Bedrock
AWS_PROFILE # AWS profile name
BEDROCK_BASE_URL # Custom Bedrock endpoint
CLAUDE_CODE_SKIP_BEDROCK_AUTH=1 # Skip Bedrock auth (for custom setups)Google Vertex AI
CLAUDE_CODE_USE_VERTEX=1 # Use Google Vertex AI
ANTHROPIC_VERTEX_PROJECT_ID # GCP Project ID
VERTEX_BASE_URL # Custom Vertex endpoint
VERTEX_REGION_CLAUDE_4_0_OPUS # Region for Opus
VERTEX_REGION_CLAUDE_4_0_SONNET # Region for Sonnet
GOOGLE_APPLICATION_CREDENTIALS # Path to service account JSON
CLAUDE_CODE_SKIP_VERTEX_AUTH=1 # Skip Vertex authModel selection (environment)
ANTHROPIC_MODEL # Default model to use
ANTHROPIC_SMALL_FAST_MODEL # Smaller model for quick operations
CLAUDE_CODE_SUBAGENT_MODEL # Model for sub-agent operations
ANTHROPIC_CUSTOM_MODEL_OPTION # Add a custom entry to the /model pickerToken & output limits
CLAUDE_CODE_MAX_OUTPUT_TOKENS # Max output tokens for responses
MAX_THINKING_TOKENS # Max tokens for model thinking steps (0 = off)
BASH_MAX_OUTPUT_LENGTH # Max length of bash command output
CLAUDE_CODE_DISABLE_1M_CONTEXT=1 # Opt out of the 1M context windowTimeout configuration
API_TIMEOUT_MS # API request timeout (default: 600000)
BASH_DEFAULT_TIMEOUT_MS # Default timeout for bash commands
BASH_MAX_TIMEOUT_MS # Maximum timeout for bash commandsExecution controls
FORCE_CODE_TERMINAL=1 # Force CLI mode in GUI environments
CLAUDE_BASH_MAINTAIN_PROJECT_WORKING_DIR=1 # Keep bash in project directory
CLAUDE_CODE_SHELL_PREFIX # Prefix for shell commands
CLAUDE_CODE_DISABLE_COMMAND_INJECTION_CHECK=1 # Disable injection security checksThinking & response modes
DISABLE_INTERLEAVED_THINKING=1 # Traditional responses (no interleaved reasoning)
DISABLE_MICROCOMPACT=1 # Verbose output (disable compression)
USE_API_CONTEXT_MANAGEMENT=1 # Better memory/context handlingMCP (Model Context Protocol) settings
MCP_TIMEOUT # MCP server startup timeout (ms)
MCP_TOOL_TIMEOUT # Timeout for MCP tool execution
MAX_MCP_OUTPUT_TOKENS # Max tokens for MCP outputs
MCP_OAUTH_CALLBACK_PORT # Port for OAuth callback
MCP_SERVER_CONNECTION_BATCH_SIZE # Batch size for server connectionsIDE integration
CLAUDE_CODE_AUTO_CONNECT_IDE=1 # Auto-connect to IDE
CLAUDE_CODE_IDE_HOST_OVERRIDE # Custom host for IDE communication
CLAUDE_CODE_IDE_SKIP_AUTO_INSTALL=1 # Skip IDE extension auto-install
CLAUDE_CODE_IDE_SKIP_VALID_CHECK=1 # Bypass IDE validation
CLAUDE_CODE_GIT_BASH_PATH # Path to Git Bash (Windows)Debugging & telemetry
DEBUG=1 # Verbose logging
DEBUG_AUTH=1 # Authentication debugging
DISABLE_TELEMETRY=1 # Turn off data collection
CLAUDE_CODE_ENABLE_TELEMETRY=1 # Explicitly enable telemetry
DISABLE_ERROR_REPORTING=1 # Disable automatic error reporting
CLAUDE_CODE_SESSION_ID # Unique session ID, useful for hooks and CI tracingSentry error tracking
SENTRY_DSN # Sentry Data Source Name
SENTRY_ENVIRONMENT # Sentry environment name
SENTRY_RELEASE # Sentry release version
SENTRY_TRACES_SAMPLE_RATE # Performance monitoring sample rateOpenTelemetry
OTEL_EXPORTER_OTLP_ENDPOINT # OTLP exporter endpoint
OTEL_EXPORTER_OTLP_HEADERS # OTLP exporter headers
OTEL_LOG_USER_PROMPTS=1 # Log user prompts in telemetry
CLAUDE_CODE_OTEL_SHUTDOWN_TIMEOUT_MS # OTEL shutdown timeoutPerformance tuning
CHOKIDAR_USEPOLLING=1 # File watching via polling (VMs/containers/WSL)
CHOKIDAR_INTERVAL=500 # Polling interval in ms (default: 100)
DISABLE_PROMPT_CACHING=1 # Disable response caching (you'll get a startup warning)
ENABLE_PROMPT_CACHING_1H=1 # Opt into the 1-hour prompt cache TTL
USE_BUILTIN_RIPGREP=1 # Use bundled ripgrep instead of system
CLAUDE_CODE_MAX_RETRIES # Max request retries on failureDisable commands
Don’t want users running certain commands? Block them:
DISABLE_AUTOUPDATER=1 # No automatic updates
DISABLE_UPDATES=1 # Block all update paths
DISABLE_BUG_COMMAND=1 # No bug reporting
DISABLE_COST_WARNINGS=1 # No API cost warnings
DISABLE_DOCTOR_COMMAND=1 # No diagnostic command
DISABLE_LOGIN_COMMAND=1 # No login
DISABLE_LOGOUT_COMMAND=1 # No logout
DISABLE_UPGRADE_COMMAND=1 # No upgrade command
DISABLE_INSTALL_GITHUB_APP_COMMAND=1 # No GitHub app install
DISABLE_MIGRATE_INSTALLER_COMMAND=1 # No installer migration
CLAUDE_CODE_DISABLE_CRON=1 # Disable scheduled tasksTLS/SSL configuration
CLAUDE_CODE_CLIENT_CERT # Path to client certificate
CLAUDE_CODE_CLIENT_KEY # Path to client private key
CLAUDE_CODE_CLIENT_KEY_PASSPHRASE # Passphrase for encrypted key
CLAUDE_CODE_CERT_STORE # TLS CA source: bundled or system
NODE_EXTRA_CA_CERTS # Additional CA certificatesNetwork & proxy
HTTP_PROXY # HTTP proxy URL
HTTPS_PROXY # HTTPS proxy URL
NO_PROXY # Domains to exclude from proxy
CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC=1 # Minimize network calls
CLAUDE_CODE_DONT_INHERIT_ENV=1 # Don't inherit env varsMisc & experimental
CLAUDE_CONFIG_DIR # Custom config directory
CLAUDECODE # =1 inside a Claude Code shell - handy for scripts
CLAUDE_CODE_DISABLE_AUTO_MEMORY=1 # Turn off auto memory
CLAUDE_CODE_DISABLE_ALTERNATE_SCREEN=1 # Opt out of fullscreen rendering
CLAUDE_FORCE_DISPLAY_SURVEY=1 # Force display user surveys
CLAUDE_CODE_ENTRYPOINT # Custom app entrypoint
CLAUDE_CODE_EXTRA_BODY # Additional JSON for API requests
CLAUDE_CODE_DISABLE_TERMINAL_TITLE=1 # Don't update terminal title
CLAUDE_CODE_DISABLE_FINE_GRAINED_TOOL_STREAMING=1 # Disable detailed streaming
CLAUBBIT # Internal dev/debug flag (don't touch)Making it permanent
Add to your shell config (~/.bashrc, ~/.zshrc):
# Claude Code tweaks
export IS_DEMO=1
export DISABLE_TELEMETRY=1
export CHOKIDAR_USEPOLLING=1 # if you're in WSL/DockerThen reload:
source ~/.zshrcThe documentation gap
The gap between official docs and real-world settings is massive. These variables exist in the codebase but aren’t advertised.
Some are intentionally hidden. Some are just undocumented. All of them give you more control over how your coding agent behaves.
Use them wisely. Or don’t. I’m not your mom.
Living references
This is a garden post: it gets tended as Claude Code ships. Flags above were last verified against the live claude --help at v2.1.173 (June 2026). When something here stops working, one of these probably already documents the replacement:
- Claude Code Cheat Sheet — community sheet, updated per release, covers keybindings, slash commands, and settings beyond this post’s scope
- learn-claude-code
- claude-code-best-practice