Show HN: Claude Composer
89 comments
·June 5, 2025bubblyworld
Am I the only person who just runs claude code in yolo mode? Curious about these tools for fine-grained permission, did you get burned in a bad way?
I think I'm going to trigger half of hacker news with this, but honestly nothing claude does on my machine seems particularly scary, and it's way too far from AGI for me to worry about hostile takeover right now =P
mikebannister
Personally yes I do run it in yolo mode. And I think, to the extent anyone will use this project, people mostly won't be using the fine grained control. For me toolsets and full yolo are what is useful in this project.
I think the real use cases are something like:
1. Try cautious mode, gain confidence, switch to yolo 2. Use yolo mode and find that it keeps doing something that annoys or scares you so you configure an exception for it
On number 2 I thought I would use it this way to prevent some unwanted behavior but I ended up learning how to avoid those behaviors in other ways.
bubblyworld
Fair, I've had a similar experience. The edge-cases like installing weird dependencies (somebody mentioned that on this thread) I just deal with by changing my CLAUDE.md, and so far that's been fine.
mikebannister
I think if I end up not finding a real person (or myself) using them I'll ax it. It would take some heft off the project. Maybe just yolo OR cautious and call it day.
Jeff_Brown
I just rub it in Docker to limit folder access and prevent it from being able to push to my remote repo. Indestructible.
bubblyworld
Not a bad idea, thanks.
zackify
I use their official dev container config and limit access to a small list of domains too
CjHuber
I remember seeing on twitter how Claude 4 Sonnet tried to run rm -r ~ for some reason within cursor. It could have been a meme potentially, but from my experience this doesn’t seem to be to far off as it does weird things for weird reasons sometimes
pmarreck
It was because it had created a directory named "~" and then tried to remove it, which Bash would of course interpret as the actual home directory
michaelbuckbee
"Scary" doesn't need to mean Skynet taking over, it could just mean that Claude decides to yolo install a library with malware in it.
mceachen
There’s an infinitesimal chance that it’ll p0wn your repo.
There’s a strong chance it will remove your web service auth filter chain to make an integration test pass.
bubblyworld
Yeah, that's fair, but in this particular case I have instructions to avoid dependencies unless absolutely necessary and that works well. It's not a risk I'm super worried about.
kasey_junk
If you add mcp tooling you can quickly go off local.
I’m less worried about hostile behaviors than stupid ones.
devoutsalsa
Side question... how much is it costing you to run Claude Code on a regular basis?
bubblyworld
I'm not a heavy user by any means. I use it for project setup and routine-but-hard-to-automate refactoring, package upgrades, config files, fiddly stuff like that, for which it has been awesome. For me it's ~$30/mo.
callistus
FYI: Claude Code was just added to the Pro Plan ($20/month). I just switched. My usage was roughly the same.
https://support.anthropic.com/en/articles/11145838-using-cla...
qwertox
Honest question: What could it do to your machine if it went crazy? I've not used Claude Code yet.
bubblyworld
Anything your user has permissions to do, basically. It is absolutely possible to cause serious issues with it in yolo mode, but for me the risk seems acceptably low.
johnisgood
Anything you can think of, but IIRC it asks you if it can perform a particular command (you can tell it to remember that it can or something like that).
MarceliusK
Literally anything a terminal command can do to your machine. Delete things, install malware, send your data to the FBI, start a fire by overheating (ok, now I'm just kidding... or not)
serf
Add a 5 hour timer so that us with MAX subs can know when to come back to our Opus work.
I like it. thanks for the effort.
bizzleDawg
I was thinking that on this, folks need a cron task to run a trivial prompt at 5-6am and get that 5hr timer running so that it the majority of the quota is available in the working day morning, and then a new 5hr block starts around lunch time. This should maximise use of included tokens by a standard work day spanning 3 blocks rather than 2
diggan
Also useful for paid APIs like DeepSeek's, where they have cheaper inference price (50%/75% off) for UTC 16:30-00:30, so being able to schedule some stuff you know would take a ton of tokens for that time period would make sense.
caleblloyd
Thinking of switching from API access to Max 20x tomorrow for a more consistent bill.
Been using $50-100 of Opus tokens through API access per day. Think I’ll hit the Max 20x limits and get put in timeout?
I wish Max could automatically overflow to API access when it times out so I would need to have token anxiety.
Syzygies
I moved to Max after projecting a $2,000 annual API bill. I haven't yet hit five hour limits, but login/ toggles easily between plans. I believe the interface tells you when you've hit a limit, but as I said I don't know first hand.
SatvikBeri
According to CCUsage, I hit limits on Opus usage around the equivalent of $150. If we naively extrapolate, that suggests about $600 of Opus usage per session on Max 20x.
collin128
Can you help me understand how that works?
I thought you needed an API key to work with Claude Code
mikebannister
They give you Claude Code usage on all the paid plans now. A certain amount of usage is shared between Chat and Code.
agotterer
Not all paid plans, just Max. Pro doesn’t get access to Claude Code.
airstrike
I suggest a video on the README and breaking up that entire README into docs because it's too much content, then writing a much shorter README that gives people the answer they want coming into the page
tailspin2019
As a heavy Claude user, I’ve seen many examples of what it will produce as a README, and they all look exactly like this.
It definitely could use some editing!
mikebannister
Yeah I tried to keep it chill but it went pretty wild w/ docs. I think I'll just ask it to go on a 50% diet and see what happens! Stay tuned. :)
mikebannister
Ozempic treatment complete. Should be 50% less annoying.
https://github.com/possibilities/claude-composer/commit/45e1...
mikebannister
prompt> The docs are way to verbose and there's just too much content. The @readme.md and every doc in @docs/ needs to be trimmed down by ~50%. Please work hard, think hard, and work step by step, and file by file to make sure we have the best possible docs at about half the total size. Peace and love <3
furyofantares
I love Claude Code but I am extremely sick of slop readmes. Every time I notice I'm reading LLM output as a readme I feel punched in the gut. I didn't notice it with this project though.
mikebannister
Just dropped another 300 lines by manually editing. Glad you called out this slop. Thanks!
cmer
This is pretty epic! This should come standard with Claude Code. Thanks for this! Now going to bed, and will wake up to a brand new feature :)
stpedgwdgfhgdd
Don’t get fully the use-cases this tool solves except for some auto-accept.
You would also expect some eat-your-own-dog-food, why does https://github.com/possibilities/claude-composer/blob/main/s... not use CC with a prompt…
(Ps I left x/twitter a long time)
mikebannister
> auto-accept
That's pretty much it and the concept of "toolsets"
> You would also expect some eat-your-own-dog-food
Maybe, but personally I don't see a reason to use an LLM to release an npm module
config_yml
Would be lovely if this included some defaults around managing git worktrees for parallel work.
mikebannister
That's something I'd like to explore more. It's one of the reason I created "trusted roots". So I can open new worktrees and open claude in them all in one step without any confirmation.
If you want to suggest anything specific feel free to open an issue and we explore it more.
BugsJustFindMe
I read the description of what this is (nb. maybe move that to the top instead of the middle of the page?), and I don't think I understand what problem it solves.
> Reduced interruptions: Automatically handles permission dialogs based on configurable rules
Why? Claude Code already gives you the option to accept requests permanently going forward. The cost of configuring rules is worse than the cost of just telling Claude Code "yes and you don't need to ask again".
I'd like to see a few motivating user stories, tbh.
serf
>Why? Claude Code already gives you the option to accept requests permanently going forward. The cost of configuring rules is worse than the cost of just telling Claude Code "yes and you don't need to ask again".
want to see this mode fail catastrophically? write enough CLI stuff w/ python w/ powershell or wsl or some other 'leaky' cli. It will eventually fail a command and then try to pipe a shell command through the python interpreter or a specific PS incantation.
This means that you now need to approve 'git' , and 'python sh git' and 'powershell.exe git' and 'wsl.exe ubuntu git' as separate and independent commands. (I dont remember the shell incantation command so excuse the pseudocode).
That means that for the entire gambit of approvals needed for continued permission for a singular task might be 4x greater than normal -- probably more given that claude is aware of so many different ways to pipe to shell..
bckr
Claude has been adding PYTHONPATH to test commands, and for some reason, the “don’t ask again” doesn’t stick for these types of commands. So I’ve been trying to get it to use make commands, which can modify the environment, and don’t trigger the same permission issues. Just now I finally put it in CLAUDE.md “always use make commands to run tests”. Haven’t seen yet whether it will stick.
mikebannister
I hate to be pessimistic but this is something that CC doesn't seem good at: forgetting the tools that it loves and using the ones you want it to. You might want to try "disallowing" that command(?) explicitly (in addition to adding to CLAUDE.md and/or prompt).
I'm not sure what command is being called to set PYTHONPATH. If my assumption that it relates to a specific command is incorrect the above probably isn't helpful.
Good luck!
shwouchk
haven’t used claude code directly, but at least through copilot ive seen it read my makefile, extract the command, and run it directly after modifications. telling it to use make helped, but wasn’t perfect
mikebannister
> Why?
I have a lot of different projects, scenarios, and edge cases where it's helpful to me.
I think you will find that if you're interactive mode there will always be some dialogs to dismiss, especially if you're jumping around a lot of different projects, etc. So for me the goals are somewhere at the intersection of the interactive mode and unattended operation.
It depends what your goals are for sure. TBH I use it mostly in full yolo mode. But toolsets are much more useful for me. I can create groups of mcps and pre-allowed permissions and reuse that "preset". I have different types of projects that I use different toolsets for each.
But yeah, I hear you. This is pretty niche and might solve problems that only I care about.
mikebannister
Good chance this will ultimately end up being part of a set of training wheels that I'll take off gradually as I am able to move work over to using non-interactive instances of CC.
gdudeman
You may be able to do this with a user-based settings file, so you can have a base layer of settings across all projects. More on how to do that here: https://docs.anthropic.com/en/docs/claude-code/settings
sbarre
I like the notifications part! I may try this just for that one feature..
Thank you.. :-)
mikebannister
If you like the idea but they aren't working the way you'd like let me know. They aren't very "well baked" but I'll dump some time into improving at some point. If you have pain points or feedback I'll be happy to consider it.
BTW, I also intend to add some way to send push notifications of some sort. I need to be reminded when Claude is done hustling and and it's time to leave the comfort of my iced coffee on the patio for a keyboard and glowing terminal screen.
mikebannister
Also, good call, I wiggled the readme around a bit. Thanks!
rafram
You’re going to be hearing from Anthropic’s legal department very, very soon if you use this name.
bandrami
It's going to be hilarious to watch Anthropic argue with a straight face that it's illegal (or at least tortious) to take someone else's IP and repurpose it
ramblerman
I think this is about trademark not IP
bandrami
Trademark is a type of intellectual property protection
rafram
“Claude Composer” is just blatant trademark infringement. It sounds like an official Anthropic product.
mikebannister
We'll see. Happy to change it up if need be. I'd rather beg for forgiveness than permission. <3
bitpush
The name is a no-go. They are either going to be nice and ask you to do it or send a cease and desist.
I'd recommend you change it right away
closewith
TBH I think it's misleading, as I assumed it was an Anthropic product until seeing the repo owner. For ethical reasons, I think you should change it.
diggan
Yeah I mean ignoring the legal risks, naming something "$Company-name $Tool" is begging to have it confused with an official product from $Company-name. Even if you don't care about the legal risks, at least care about your users not being confused about who made the thing.
cruijffiaan
Really like this idea - my team was looking to build something like this ourselves. The only thing I would add to this repository would be the ability to add a global Claude.md file that would be common across the team (across different repos).
mikebannister
That's a good idea. Personally I don't use CLAUDE.md (everything goes in the prompt, thanks to context-composer, which I'll share another day) so I'm not motivated to have it but I'd be happy to collaborate on it and get that kind of feature merged in.
null
throwaway314155
How are fine grained permissions changed? Is it just modding a known claude configuration file?
mikebannister
No, the "automatic dismissal" effectively scrapes the terminal and parses out info from the dialog.
whalesalad
How much of this was produced with claude code?
mikebannister
All of it, in close collaboration :)
Central feature is a something like "yolo mode" but with fine grained controls over how yolo you're feeling. Also makes it easy to use "presets" of tools and permissions.
Let me know if you have any questions and feel free to contact me on X at https://x.com/possibilities