Preflight Checklist
Type of Behavior Issue
Other unexpected behavior
What You Asked Claude to Do
See attached (redacted, and line-wrapped for readability) for a full exchange analyzing occurrences based on claude/agent logs. The analysis ran afoul of some of the same issues being analyzed.
claude.cat-sed-grep.txt
What Claude Actually Did
I frequently see Bash tool permission requests invocations just like the following:
# Output lines 147-162 from a given file.
sed -n 147,162p /path/to/some/file
# Search for a pattern in a directory.
grep -r "^some pattern$" /path/to/some/dir
# Write a file from content expressed via heredoc.
cat > file.txt <<EOF ... EOF
Often these are just solitary commands (not as part of a pipeline). Sometimes, e.g. grep, might be piped to head. Sometimes these &&'d commands like:
cat > file.py <<EOF ... EOF && chmod +x file.py && ./file.py
Expected Behavior
All of the above examples are undesirable.
These cases should broadly use the Read, Grep (builtin, not Bash(grep)), and Write/Edit.
The &&'d example above ideally should use Write followed by Bash tool call(s).
Files Affected
N/A
Permission Mode
Accept Edits was ON (auto-accepting changes)
Can You Reproduce This?
Sometimes (intermittent)
Steps to Reproduce
Sufficiently long code-investigation/debugging sessions will usually involve seeing many permission prompts matching these undesirable patterns.
Claude Model
Sonnet
Relevant Conversation
N/A
Impact
Medium - Extra work to undo changes
Claude Code Version
v2.1.2
Platform
AWS Bedrock
Additional Context
I'll let Claude's own analysis conclusions explain why this matters (everything that follows is from Claude own reflection)...
Why This Matters
Built-in tools (Read, Grep, Write, Edit) are specifically designed to work efficiently with Claude Code's permission system. Using bash commands bypasses these optimizations, resulting in slower task completion and more human time spent on reviews. The permission system can cache approvals for built-in tool operations but cannot cache unique bash command content like heredocs, creating significant efficiency penalties in human-in-the-loop workflows.
Key Findings
1. sed -n for line ranges (45 cases, ~40 problematic)
When users mention line ranges (e.g., "lines 253-343" or "around line 150"), Claude agents often reach for sed -n because it directly translates the user's language. The Read tool requires offset/limit arithmetic (offset=252, limit=91), creating cognitive overhead. The root issue is parameter mismatch: users think in line numbers, but the Read tool speaks in offsets and limits. Solution: Add start_line/end_line parameters to the Read tool so agents can write Read(start_line=253, end_line=343) directly, eliminating the mental translation step and making the tool as intuitive as sed.
2. grep for searching (45 cases, ~30 problematic)
Claude agents use bash grep commands for operations like counting matches (grep -c), showing context lines (grep -A/-B/-C), or recursive searching (grep -r) because these features aren't obviously discoverable in the Grep tool. While the Grep tool supports all these capabilities (output_mode="count", -A=N, -B=N, -C=N parameters), they're buried in documentation. Agents fall back to familiar bash idioms because grep -c feels more direct than Grep(output_mode="count"). Solution: Enhanced system prompt with concrete examples showing how common grep patterns translate to Grep tool calls, and improved tool descriptions that prominently highlight these features.
3. cat heredoc for file creation (127 cases, ~127 problematic)
This is the most critical pattern because it represents a fundamental permission efficiency problem. Claude agents believe that writing file content inline with a heredoc bash command is more efficient, but this is a false efficiency heuristic. The permission system cannot cache heredoc approvals because each heredoc contains unique content, requiring full human review every time. Write tool operations complete reviews more efficiently and benefit from permission caching. When files need iteration (common for debugging scripts or refining content), heredocs require full reviews for every revision, while Edit tool presents diffs that dramatically reduce human review time for subsequent revisions. This applies to ALL file types: scripts, documentation, test fixtures, configs, temporary files. Solution: System prompt guidance emphasizing that Write/Edit tools are strictly more efficient for ALL file creation due to permission system architecture, particularly when considering human-in-the-loop review time.
Recommended Actions
Read tool enhancement:
- Add
start_line and end_line parameters
- Keep existing
offset/limit for compatibility
- Example:
Read(file_path="/path/to/file", start_line=253, end_line=343)
System prompt updates:
- Add user language translation guide: "lines X-Y" → Read tool with start_line/end_line
- Add permission efficiency guidance: Write/Edit for ALL file creation (never cat heredoc)
- Explain why: permission caching and diff-based reviews make Write/Edit more efficient for human-in-the-loop workflows
- Add Grep tool feature examples: counting, context lines, recursive search
Tool description improvements:
- Grep tool: Prominently show output_mode="count" and context parameters
- Read tool: Explain start_line/end_line as intuitive alternative to offset/limit
Preflight Checklist
Type of Behavior Issue
Other unexpected behavior
What You Asked Claude to Do
See attached (redacted, and line-wrapped for readability) for a full exchange analyzing occurrences based on claude/agent logs. The analysis ran afoul of some of the same issues being analyzed.
claude.cat-sed-grep.txt
What Claude Actually Did
I frequently see Bash tool permission requests invocations just like the following:
Often these are just solitary commands (not as part of a pipeline). Sometimes, e.g. grep, might be piped to
head. Sometimes these&&'d commands like:Expected Behavior
All of the above examples are undesirable.
These cases should broadly use the
Read,Grep(builtin, notBash(grep)), andWrite/Edit.The
&&'d example above ideally should useWritefollowed byBashtool call(s).Files Affected
N/A
Permission Mode
Accept Edits was ON (auto-accepting changes)
Can You Reproduce This?
Sometimes (intermittent)
Steps to Reproduce
Sufficiently long code-investigation/debugging sessions will usually involve seeing many permission prompts matching these undesirable patterns.
Claude Model
Sonnet
Relevant Conversation
N/A
Impact
Medium - Extra work to undo changes
Claude Code Version
v2.1.2
Platform
AWS Bedrock
Additional Context
I'll let Claude's own analysis conclusions explain why this matters (everything that follows is from Claude own reflection)...
Why This Matters
Built-in tools (Read, Grep, Write, Edit) are specifically designed to work efficiently with Claude Code's permission system. Using bash commands bypasses these optimizations, resulting in slower task completion and more human time spent on reviews. The permission system can cache approvals for built-in tool operations but cannot cache unique bash command content like heredocs, creating significant efficiency penalties in human-in-the-loop workflows.
Key Findings
1. sed -n for line ranges (45 cases, ~40 problematic)
When users mention line ranges (e.g., "lines 253-343" or "around line 150"), Claude agents often reach for sed -n because it directly translates the user's language. The Read tool requires offset/limit arithmetic (offset=252, limit=91), creating cognitive overhead. The root issue is parameter mismatch: users think in line numbers, but the Read tool speaks in offsets and limits. Solution: Add start_line/end_line parameters to the Read tool so agents can write Read(start_line=253, end_line=343) directly, eliminating the mental translation step and making the tool as intuitive as sed.
2. grep for searching (45 cases, ~30 problematic)
Claude agents use bash grep commands for operations like counting matches (grep -c), showing context lines (grep -A/-B/-C), or recursive searching (grep -r) because these features aren't obviously discoverable in the Grep tool. While the Grep tool supports all these capabilities (output_mode="count", -A=N, -B=N, -C=N parameters), they're buried in documentation. Agents fall back to familiar bash idioms because grep -c feels more direct than Grep(output_mode="count"). Solution: Enhanced system prompt with concrete examples showing how common grep patterns translate to Grep tool calls, and improved tool descriptions that prominently highlight these features.
3. cat heredoc for file creation (127 cases, ~127 problematic)
This is the most critical pattern because it represents a fundamental permission efficiency problem. Claude agents believe that writing file content inline with a heredoc bash command is more efficient, but this is a false efficiency heuristic. The permission system cannot cache heredoc approvals because each heredoc contains unique content, requiring full human review every time. Write tool operations complete reviews more efficiently and benefit from permission caching. When files need iteration (common for debugging scripts or refining content), heredocs require full reviews for every revision, while Edit tool presents diffs that dramatically reduce human review time for subsequent revisions. This applies to ALL file types: scripts, documentation, test fixtures, configs, temporary files. Solution: System prompt guidance emphasizing that Write/Edit tools are strictly more efficient for ALL file creation due to permission system architecture, particularly when considering human-in-the-loop review time.
Recommended Actions
Read tool enhancement:
start_lineandend_lineparametersoffset/limitfor compatibilityRead(file_path="/path/to/file", start_line=253, end_line=343)System prompt updates:
Tool description improvements: