Claude Code offers advanced features for experienced users including planning mode, extended thinking, auto mode, sandboxing, and headless operation. Planning mode separates thinking from execution, allowing users to review implementation plans before Claude proceeds, while extended thinking provides additional reasoning time for complex problems.
Auto mode employs a safety classifier to determine safe tool execution without user confirmation, with customizable permission controls. Sandboxing provides OS-level isolation for file system and network access, ideal for working with untrusted code or enforcing strict boundaries in enterprise environments.
Claude Code Advanced Features — These Claude Code advanced features unlock more power: print mode, planning mode, permission modes, model routing, and deeper configuration.

- Claude Code Advanced Features: What You’ll Learn
- Planning Mode and Extended Thinking
- Ultraplan: Cloud-Powered Planning
- Auto Mode and Permission Control
- Programmatic and Sandboxed Operation
- Advisor Tool (Experimental)
- Native Glob and Grep on macOS/Linux
- Session Cleanup with cleanupPeriodDays
- Project Purge
- Debugging and Platform Environment Variables
- Claude Code on the Web and Session Handoff
- PR URL Customization
- Worktree Configuration
- Computer Use (Research Preview)
- More Advanced Features
- Real-World Configuration Examples
- Pro Tips
- Hands-On Challenge
- Knowledge Check
- Q1: What are the six permission modes in Claude Code?
- Q2: How do you activate planning mode?
- Q3: What does the opusplan model alias do?
- Q4: How do you run Claude in a CI/CD pipeline with structured JSON output and a turn limit?
- Q5: What is the difference between dontAsk and bypassPermissions modes?
- Test Your Knowledge
- Additional Resources
- Combining Planning Mode and Effort: A Step-by-Step Walkthrough
- Claude Code Advanced Features: Common Mistakes to Avoid
- Claude Code Advanced Features: Best Practices
- Claude Code Advanced Features: Frequently Asked Questions
- Continue Learning
Claude Code Advanced Features: What You’ll Learn
In this guide to Claude Code Advanced Features, you’ll work through practical, hands-on steps with real examples. Claude Code Advanced Features is explained from the ground up so you can apply it immediately in your own projects.
Claude Code offers a suite of power features that experienced users rely on for complex or high-stakes work. Planning mode, extended thinking, auto mode, sandboxing, and headless operation each fundamentally change how Claude operates. This lesson dives deep into each capability.
Planning Mode and Extended Thinking
Planning mode decouples thinking from doing. When activated, Claude first investigates the codebase and produces a detailed implementation plan. You review and can optionally modify it before Claude executes. This prevents the common problem of Claude diving into code before fully grasping the problem.
Activate planning mode with /plan <description>, the --permission-mode plan CLI flag, or Shift+Tab to cycle through permission modes. Use Ctrl+G to open the current plan in your external editor for detailed revisions before approving. The opusplan model alias routes the planning phase to Opus and execution to Sonnet:
claude --model opusplan "redesign the database schema for multi-tenancy"
Extended thinking gives Claude additional reasoning time before responding. Toggle it with Option+T (macOS) or Alt+T. The /effort command controls reasoning depth with options low, medium, high, xhigh, or max (session-only). Set it per-session with export CLAUDE_CODE_EFFORT_LEVEL=high. For maximum reasoning on a specific prompt, include the word “ultrathink” — it triggers deep reasoning mode regardless of your effort setting. The word ultracode triggers a dynamic workflow run — the trigger was renamed from workflow to ultracode in v2.1.160. Dynamic workflows are now enabled via /effort ultracode — a slash command, not a --ultracode flag — that sets effort to xhigh on supporting models.
MAX_THINKING_TOKENS=*** disables thinking on Opus 4.6 and Sonnet 4.6 only. On Opus 4.7 and later, adaptive reasoning is always active and MAX_THINKING_TOKENS does not apply.
Combining plan mode with high effort is especially powerful for complex architectural decisions:
claude --permission-mode plan --effort high --model opusplan "migrate from REST to GraphQL"
Ultraplan: Cloud-Powered Planning
Ultraplan takes planning mode further by delegating plan creation to a Claude Code on the web session. Claude drafts the plan in the cloud while your terminal remains free. You then open it in your browser to comment on specific sections, request revisions, and decide where to execute.
There are three ways to launch Ultraplan: the /ultraplan <prompt> command, including the word “ultraplan” in a regular prompt, or selecting “Refine with Ultraplan on the web” from a finished local plan dialog.
After launching, a status badge appears at your prompt: ◇ ultraplan while drafting, ◇ ultraplan needs your input when Claude has questions, and ◆ ultraplan ready when the plan is ready for review. Open the session link on claude.ai to review — you can leave inline comments on specific sections, add emoji reactions, and request revisions before approving.
Once approved, two execution paths are available:
- Execute on the web — Claude implements the plan in the cloud, and you review the diff and open a PR from the browser
- Send back to terminal — the plan transfers to your CLI for local implementation with full environment access
/ultraplan migrate the auth service from sessions to JWTs
Ultraplan requires a claude.ai subscription and a connected GitHub repository. It’s not available on Bedrock, Vertex AI, or Foundry.
Auto Mode and Permission Control
Auto Mode is a research-preview permission mode that employs a background safety classifier to determine whether tool calls are safe to run without asking. It’s designed for higher-autonomy workflows where you still want guardrails around risky actions.
You activate it the same way as other permission modes: select auto in your permission settings or cycle to it with Shift+Tab when available. Organizations can fine-tune what Auto Mode considers trusted infrastructure through the autoMode settings block.
By default, Auto Mode is cautious about actions that resemble data exfiltration, risky shell execution, or production-impacting changes. When a permission check stalls, the spinner turns red — making it clear a check is in progress rather than a tool running. If your team has trusted repos, internal domains, buckets, or services that Auto Mode should treat as normal, define them in autoMode.environment.
When customizing autoMode.allow, autoMode.soft_deny, autoMode.hard_deny, or autoMode.environment, include the special "$defaults" token to preserve the built-in rules and add yours alongside them. Without "$defaults", your array replaces the defaults entirely.
Inside the classifier, precedence works in four tiers: hard_deny rules block unconditionally (user intent and allow exceptions do not apply). soft_deny rules block next, but user intent and allow exceptions can override them. allow rules then override matching soft_deny rules. Explicit user intent overrides remaining soft blocks — asking Claude to “force-push this branch” clears the soft block, but a vague “clean up the repo” does not. If the classifier blocks an action 3 times consecutively or 20 times total, auto mode pauses and Claude Code resumes prompting. These thresholds are not configurable.
Use claude auto-mode defaults to print built-in rules, claude auto-mode config to see your effective merged config, and claude auto-mode critique for AI feedback on your custom rules:
{
"autoMode": {
"allow": ["$defaults", "Deploying to staging is allowed"],
"soft_deny": ["$defaults", "Never run migrations outside the migrations CLI"],
"hard_deny": ["$defaults", "Never send repo contents to third-party APIs"],
"environment": ["$defaults", "Internal API: api.corp.example.com"]
}
}
Permission modes span a spectrum. default reads freely but prompts for actions beyond that. acceptEdits auto-approves file edits for the session, except writes to protected directories. plan switches into planning-first research mode. auto uses the classifier. dontAsk only runs pre-approved tools and denies everything else. bypassPermissions skips most permission prompts — writes to protected paths are also included as of v2.1.126. The --dangerously-skip-permissions flag is shorthand for --permission-mode bypassPermissions — the deliberately alarming name makes the security trade-off explicit, so reserve it for trusted CI/CD pipelines.
Start a session in any mode with the --permission-mode <mode> flag. It accepts default, acceptEdits, plan, auto, dontAsk, or bypassPermissions, and overrides defaultMode from settings for that run. The same flag works with -p for non-interactive runs, and dontAsk only activates through this flag (it’s not in the Shift+Tab cycle):
claude --permission-mode plan "draft the migration"
claude -p "audit dependencies" --permission-mode dontAsk
Set a default in settings so most sessions start in your preferred mode without needing the flag:
{
"permissions": {
"defaultMode": "acceptEdits"
}
}
To customize Auto Mode for your environment:
{
"autoMode": {
"environment": [
"Source control: github.example.com/acme-corp and all repos under it",
"Trusted internal domains: *.corp.example.com, api.internal.example.com"
]
}
}
On the Anthropic API, Auto Mode is available by default once your account meets model and admin requirements. On Amazon Bedrock, Google Cloud Vertex AI, and Microsoft Foundry (v2.1.158+), it’s gated behind CLAUDE_CODE_ENABLE_AUTO_MODE=1 in your env block, and only Opus 4.7 and Opus 4.8 are supported. Older models — Sonnet 4.5, Opus 4.5, Haiku, and Claude 3 — never get Auto Mode on any provider. Administrators can lock the mode off with permissions.disableAutoMode: "disable" in managed settings, which overrides the enable variable.
Two recently added settings are worth noting: enforceAvailableModels (v2.1.175) extends the availableModels allowlist to also constrain the Default model, not just alternate models. footerLinksRegexes (v2.1.176) adds regex-matched link badges to the footer row for custom integrations.
Programmatic and Sandboxed Operation
Running Claude Code programmatically with claude -p "your prompt" executes it non-interactively. Output goes to stdout, making it composable with shell pipelines and automation systems. Combine with --output-format json for structured output. Use --permission-mode bypassPermissions for fully automated CI/CD use. Hooks running in these sessions can read the active effort level via the $CLAUDE_EFFORT environment variable.
/cd <directory> moves a session to a new working directory without breaking the prompt cache mid-session.
# Automated code review in CI
git diff HEAD~1 | claude -p "review these changes for security issues" --output-format json --permission-mode bypassPermissions
# Generate docs for changed files
claude -p "generate JSDoc for all functions in $CHANGED_FILE" --print --no-session-persistence
Sandboxing provides OS-level isolation for file system and network access. Sandboxed Bash works on macOS, Linux, and WSL2 — native Windows is not supported; on Windows, run Claude Code inside a WSL2 distribution. Enable it with /sandbox in-session. In sandbox mode, Claude can only access approved paths and network rules you configure. This is valuable for running Claude on untrusted code or in environments where you want strict boundaries.
Fine-tune network isolation with sandbox.network.allowedDomains and sandbox.network.deniedDomains in your settings.json. allowedDomains whitelists domains for outbound traffic, while deniedDomains blocks specific domains even when a broader wildcard in allowedDomains would permit them — deniedDomains always takes precedence. Both support wildcards like *.example.com:
{
"sandbox": {
"enabled": true,
"network": {
"allowedDomains": ["github.com", "*.npmjs.org"],
"deniedDomains": ["uploads.github.com"]
}
}
}
In managed deployments, deniedDomains is merged from all settings sources (managed, user, project, local) regardless of allowManagedDomainsOnly. That flag only restricts which scopes allowedDomains is read from — deny rules from any scope are always honored, so a user-level block cannot be silently dropped by enterprise policy.
On Linux and WSL, use sandbox.bwrapPath and sandbox.socatPath to specify custom binary locations for bubblewrap and socat:
{
"sandbox": {
"bwrapPath": "/usr/local/bin/bwrap",
"socatPath": "/usr/bin/socat"
}
}
For enterprise deployments, managed settings override user settings through platform-native management: plist on macOS, Registry on Windows, managed configuration files, and managed-settings.d/ drop-ins merged alphabetically. This is separate from managed memory files like organization-level CLAUDE.md guidance.
# Test headless with sandboxing
claude -p "analyze the security of this codebase" --sandbox --permission-mode plan --output-format json
Advisor Tool (Experimental)
The Advisor Tool is an experimental dual-model feature that lets a faster, lower-cost executor model (like Sonnet) consult a higher-intelligence advisor model (like Opus) mid-task for strategic guidance. The advisor reads the full conversation and produces a plan or course correction, then the executor continues. This pattern suits long-horizon agentic workloads where most turns are mechanical but having an excellent plan is critical.
Enable it with the /advisor command. When active, sessions show an “experimental” label and a startup notification. The executor model is set as the main session model, and the advisor model is chosen through the /advisor dialog. The Advisor Tool is enabled via the CLAUDE_CODE_ENABLE_EXPERIMENTAL_ADVISOR_TOOL environment variable.
Native Glob and Grep on macOS/Linux
On native macOS and Linux builds, the Glob and Grep tools are replaced by embedded bfs and ugrep binaries accessible through the Bash tool. This means faster file searches without a separate tool round-trip — Claude issues a single Bash command instead of calling a dedicated tool, reducing latency on large codebases.
Windows and npm-installed builds are unaffected and continue using the original Glob and Grep tools. The environment variables CLAUDE_CODE_GLOB_HIDDEN, CLAUDE_CODE_GLOB_NO_IGNORE, and CLAUDE_CODE_GLOB_TIMEOUT_SECONDS still apply to the original tools where they remain in use.
Session Cleanup with cleanupPeriodDays
The cleanupPeriodDays setting in settings.json controls how long session files are retained before automatic deletion at startup. The default is 30 days and the minimum is 1 — setting it to 0 is rejected with a validation error. This setting also governs automatic removal of orphaned subagent worktrees (from crashes or interrupted parallel runs) at startup, provided they have no uncommitted changes, no untracked files, and no unpushed commits. Worktrees you create with --worktree are never removed by this sweep:
{
"cleanupPeriodDays": 14
}
To prevent transcripts from being written at all in non-interactive mode, use --no-session-persistence.
Project Purge
When cleanupPeriodDays isn’t enough and you want to wipe all Claude Code state for a project immediately, use claude project purge. It deletes transcripts, task lists, debug logs, file-edit history, prompt history, and the project entry itself:
# Preview what would be deleted
claude project purge --dry-run
# Purge state for the current project
claude project purge
# Skip the confirmation prompt
claude project purge --yes
# Interactively choose which items to remove
claude project purge --interactive
# Purge state for every project at once
claude project purge --all
Flags can be combined: claude project purge --all --dry-run previews what a full wipe would remove. The -y and -i short forms work too.
Debugging and Platform Environment Variables
Several environment variables unlock surfaces not yet exposed as commands or settings.
OTEL_LOG_RAW_API_BODIES=1 emits full API request and response bodies as OpenTelemetry log events — set it when debugging why a request failed or what exactly Claude sent to the model. Be careful with the logs afterwards since request bodies can contain secrets.
OTEL_RESOURCE_ATTRIBUTES adds custom comma-separated key=value pairs (no spaces, percent-encode special characters) that Claude Code attaches as labels on every metric datapoint and event, in addition to sending them in the OTLP resource block. Use it to slice metrics by team, department, or cost center in your backend — department=engineering,team.id=platform,cost_center=eng-123. Custom keys never override built-in attributes like user.id or session.id. To keep custom attributes in the resource block only and skip per-datapoint labels (lower cardinality, cheaper storage), set OTEL_METRICS_INCLUDE_RESOURCE_ATTRIBUTES=false.
CLAUDE_CODE_USE_POWERSHELL_TOOL=1 opts into the PowerShell tool on Linux and macOS (requires pwsh on PATH). On Windows the tool is rolling out progressively; set it to 0 to opt out explicitly. On Windows with the PowerShell tool enabled, PowerShell becomes the primary shell instead of defaulting to Bash.
DISABLE_UPDATES=1 blocks all update paths, including manual claude update. This is stricter than DISABLE_AUTOUPDATER (which only blocks auto-updates) and is intended for locked-down enterprise deployments where the installed version must not change.
CLAUDE_CODE_SAFE_MODE=1 or --safe-mode starts Claude Code with all customizations (CLAUDE.md, plugins, skills, hooks, MCP servers) disabled for troubleshooting — useful when debugging unexpected behavior or a broken configuration.
CLAUDE_CODE_DISABLE_BUNDLED_SKILLS=1 or disableBundledSkills in settings hides bundled skills, workflows, and built-in slash commands from the model.
CLAUDE_CODE_HIDE_CWD=1 hides the working directory from the startup logo banner — useful for screen recordings or presentations where you don’t want to leak path information.
CLAUDE_CODE_NATIVE_CURSOR=1 shows the terminal’s own cursor at the input caret instead of Claude Code’s drawn block. The native cursor respects the terminal’s blink, shape, and focus settings — useful when your terminal is configured for a specific cursor style or accessibility need.
CLAUDE_CODE_OPUS_4_6_FAST_MODE_OVERRIDE was removed in v2.1.160 and is now a no-op.
CLAUDE_CODE_RESUME_PROMPT overrides the continuation message Claude injects when resuming a session that ended mid-turn. The default is “Continue from where you left off.” Long-running spawn scripts can set a more directive boot message; an empty string falls back to the default.
CLAUDE_CODE_ENABLE_FEEDBACK_SURVEY_FOR_OTEL=1 routes the session quality survey to your own OpenTelemetry collector when Anthropic-bound nonessential traffic is blocked. Survey ratings are emitted only as OTEL events to your configured collector — no survey data goes to Anthropic. It applies when CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC, DISABLE_TELEMETRY, or DO_NOT_TRACK is set, and has no effect otherwise. CLAUDE_CODE_DISABLE_FEEDBACK_SURVEY and your organization’s product feedback policy still take precedence.
ANTHROPIC_WORKSPACE_ID is the workspace ID used by workload identity federation. Set it when your federation rule is scoped to more than one workspace so the token exchange knows which workspace to target — without it, an over-scoped rule has no way to pick a workspace and the exchange fails. Leave it unset when your federation rule is scoped to exactly one workspace.
# Capture full OTEL telemetry while reproducing an API bug
OTEL_LOG_RAW_API_BODIES=1 claude --print 'reproduce the failure'
# Slice metrics by team and cost center in your OTEL backend
OTEL_RESOURCE_ATTRIBUTES="department=engineering,team.id=platform,cost_center=eng-123" claude
# Enable PowerShell tool on macOS or Linux
CLAUDE_CODE_USE_POWERSHELL_TOOL=1 claude
# Block all updates on a locked-down machine
DISABLE_UPDATES=1 claude
# Hide the working directory in the startup banner
CLAUDE_CODE_HIDE_CWD=1 claude
# Use the terminal's own cursor at the input caret
CLAUDE_CODE_NATIVE_CURSOR=1 claude
# Override the resume continuation message for an agent boot script
CLAUDE_CODE_RESUME_PROMPT="Resume the migration and stop after the next test run." claude --resume
# Route the session quality survey through your OTEL collector
CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC=1 CLAUDE_CODE_ENABLE_FEEDBACK_SURVEY_FOR_OTEL=1 claude
# Workload identity federation with a multi-workspace rule
ANTHROPIC_WORKSPACE_ID=ws_01abcd... claude
Claude Code on the Web and Session Handoff
Claude Code on the web runs tasks on Anthropic-managed cloud infrastructure at claude.ai/code. Cloud sessions persist even when you close your browser, and you can monitor them from the Claude mobile app.
Launch a cloud session from your terminal with claude --remote "your task". Claude clones your repo from GitHub (push local commits first), executes the prompt autonomously, and can open PRs when done. Use multiple --remote calls to run tasks in parallel.
/teleport (alias /tp) pulls a cloud session back into your local terminal — it fetches the branch, loads the full conversation history, and lets you continue locally. The reverse direction: --remote sends work to the cloud. Together they create a seamless loop between local and cloud execution.
/autofix-pr spawns a cloud session that watches your current PR. When CI fails or reviewers leave comments, Claude investigates and pushes a fix. Pass a prompt to narrow its scope: /autofix-pr only fix lint and type errors. Requires the Claude GitHub App installed on the repository.
# Plan locally, execute in the cloud
claude --permission-mode plan
# ... finalize plan, commit, push ...
claude --remote "Execute the migration plan in docs/migration-plan.md"
# Pull the cloud session back when done
/teleport
Cloud sessions include standard runtimes (Node.js, Python, Go, Rust, Java, Ruby, Docker, PostgreSQL), up to 16 GB RAM, and configurable network access levels. Repo-level configuration (CLAUDE.md, settings, MCP servers, skills) carries over automatically. User-level settings (~/.claude/) do not — commit project config to the repo.
PR URL Customization
The prUrlTemplate setting in settings.json points the footer PR badge at a custom code-review URL instead of the default GitHub link. This is useful for teams using GitLab, Bitbucket, or an internal review tool:
{
"prUrlTemplate": "https://gitlab.example.com/org/repo/-/merge_requests/{{pr_number}}"
}
Worktree Configuration
Git worktrees let you check out multiple branches simultaneously without stashing or branching. claude --worktree <name> creates a new worktree linked to <name>/. The worktree.baseRef setting (new in v2.1.133) controls which ref to branch from when creating a worktree. Set baseRef to fresh (origin/<default>, the default — branches from a clean tree matching the remote) or head (your local HEAD):
{
"worktree": {
"baseRef": "head"
}
}
Setting head preserves unpushed local commits in new worktrees. This affects --worktree, EnterWorktree, and agent-isolation worktrees.
Computer Use (Research Preview)
Computer use lets Claude open apps, control your screen, and interact with GUIs on macOS — building a Swift app, launching it, clicking through every button, and screenshotting the result, all in one conversation. It handles tasks that require a GUI: validating native app builds, end-to-end UI testing without a test harness, debugging visual layout issues, and driving GUI-only tools like design apps or the iOS Simulator.
Claude tries more precise tools first: MCP servers, Bash, or Chrome integration. Computer use is the fallback for things nothing else can reach — native apps, simulators, and tools without an API.
Enable it by running /mcp in a session, finding the computer-use server, and selecting Enable. The setting persists per project. On first use, macOS prompts for Accessibility and Screen Recording permissions. When Claude wants to control a specific app, a prompt appears for you to approve — approvals last for the current session only. Apps with broad reach (terminals, Finder, System Settings) show extra warnings.
While Claude works, other visible apps are hidden so it only interacts with approved apps. Your terminal window stays visible and is excluded from screenshots. Press Esc anywhere or Ctrl+C to abort immediately. Only one session can control the machine at a time.
Computer use requires a Pro or Max plan, macOS, Claude Code v2.1.85+, and an interactive session (not available with -p). It’s not available on Team, Enterprise, Bedrock, Vertex AI, or Foundry.
More Advanced Features
Claude Code’s advanced toolkit extends further. Background tasks let long-running work continue while you keep chatting. Scheduled tasks support /loop for session-scoped recurring checks and /schedule for cloud-backed scheduled work. Session tools like /resume, /rename, and /teleport make it easy to move between local CLI, the browser, and the desktop app.
There are also platform features for daily use: voice dictation with /voice, Chrome integration with --chrome, remote control via /remote-control, the /powerup interactive feature discovery lessons, persistent task lists, and git worktree workflows with claude --worktree. These all share the same permission system, so advanced usage is mostly about combining the right mode with the right surface.
Real-World Configuration Examples
Here are production-ready configurations for Claude Code’s advanced features:
Example 1: Permission Configuration for Auto Mode
This Python script sets up a conservative baseline of safe permissions for Claude Code’s auto mode:
#!/usr/bin/env python3
# Seed ~/.claude/settings.json with safe permissions for auto mode
from pathlib import Path
import json, tempfile
SETTINGS_PATH = Path.home() / ".claude" / "settings.json"
# Core baseline: read-only inspection and low-risk commands
CORE_PERMISSIONS = [
"Read(*)", "Glob(*)", "Grep(*)", "Agent(*)", "Skill(*)",
"WebSearch(*)", "WebFetch(*)",
"Bash(ls:*)", "Bash(cat:*)", "Bash(head:*)", "Bash(tail:*)",
"Bash(git status:*)", "Bash(git log:*)", "Bash(git diff:*)",
]
# Optional: file editing permissions
EDITING_PERMISSIONS = [
"Edit(*)", "Write(*)", "NotebookEdit(*)",
"TaskCreate(*)", "TaskUpdate(*)",
]
# Optional: local test/build commands
TEST_AND_BUILD_PERMISSIONS = [
"Bash(npm test:*)", "Bash(cargo test:*)",
"Bash(go test:*)", "Bash(pytest:*)",
]
# Usage:
# python3 setup-auto-mode-permissions.py --include-edits --include-tests
# python3 setup-auto-mode-permissions.py --dry-runExample 2: Use-Case Specific Configurations
Different configurations for common Claude Code scenarios:
{
"development": {
"model": "claude-sonnet-4-6",
"permissions": { "mode": "unrestricted" },
"backgroundTasks": { "enabled": true, "maxConcurrentTasks": 3 }
},
"code_review": {
"model": "claude-sonnet-4-6",
"permissions": { "mode": "plan" },
"extendedThinking": { "enabled": true }
},
"production": {
"model": "claude-opus-4-7",
"permissions": {
"mode": "confirm",
"requireConfirmationFor": ["Bash", "Git", "Write", "Edit"]
},
"checkpoints": { "autoCheckpoint": true },
"planning": { "autoEnter": true, "requireApproval": true }
},
"security_audit": {
"model": "claude-opus-4-7",
"permissions": { "mode": "plan" },
"extendedThinking": { "enabled": true, "minThinkingTime": 10 }
}
}Example 3: Planning Mode Workflow
Using planning mode to break down a complex task into structured phases:
# Activate planning mode
/plan Build a REST API for a blog
# Claude produces a structured plan:
## Phase 1: Project Setup (15 min)
1. Initialize Node.js project with Express
2. Set up TypeScript configuration
3. Install dependencies
## Phase 2: Database Layer (30 min)
4. Design database schema
5. Create migration files
6. Set up database connection pool
## Phase 3: Authentication (45 min)
7. Implement user registration endpoint
8. Implement login endpoint with JWT
9. Create authentication middleware
# Review, approve, and Claude executes systematicallyPro Tips
- Checkpoints are not git. Use checkpoints for rapid experimentation and rewinding; use git commits for permanent, auditable changes. Bash filesystem operations (like
rmormv) are not captured by checkpoints, so commit important work to git. - Pick the right permission mode for the job. Use
planfor read-only code review,acceptEditsfor trusted automation workflows,autofor autonomous work with safety guardrails, anddefaultfor interactive development where you review each action. - Use extended thinking for architecture decisions. Toggle it with
Alt+T/Option+Tor prefix your prompt with “ultrathink”. Set effort with/effort highfor deep reasoning on complex problems—but skip it for simple queries where the overhead is wasted. - Tune checkpoint retention. The
cleanupPeriodDayssetting (default: 30) governs retention for checkpoints, task lists, shell snapshots, and backups. Lower it to save disk space or raise it to keep longer history. - Configure fallback models. Set
"fallbackModel"insettings.jsonwith up to three models tried in order when the primary is overloaded, so long-running workflows are resilient to outages.
Hands-On Challenge
Use checkpoints and planning mode together to safely explore two competing implementations of a feature, then pick the winner.
Task
Plan a refactor using /plan, execute the first approach, create a mental checkpoint, rewind to try an alternative approach, then compare both and commit the better one to git.
Steps
- Open a project and run
/plan Add input validation to the user registration endpoint. Review the generated plan. - Approve the plan and let Claude implement Approach A (e.g. validation in the controller).
- Press
Esctwice (or use/rewind) and note the current checkpoint in the rewind browser. - Rewind to that checkpoint and ask Claude to try Approach B (e.g. validation via a middleware decorator) instead.
- Compare both approaches side by side, choose the better one, and run
git add/git committo preserve it.
Expected Outcome
Two alternative implementations explored non-destructively, a clear comparison, and a single git commit containing only the chosen approach. The discarded approach should not appear in your working tree.
Hint
Checkpoints are created automatically with every user prompt, so you do not need to manually save. When rewinding, choose “Restore code and conversation” to fully revert, or “Restore code” to keep the conversation history but roll back files. Remember: checkpoints do not track Bash filesystem operations like
rmormv—use git for anything permanent.
Knowledge Check
Test your understanding of Claude Code’s advanced features:
Q1: What are the six permission modes in Claude Code?
A) read, write, execute, admin, root, sudo
B) default, acceptEdits, plan, auto, dontAsk, bypassPermissions
C) safe, normal, elevated, admin, unrestricted, god
D) view, edit, run, deploy, full, bypass
Correct answer: B — The six modes are: default, acceptEdits, plan, auto, dontAsk, and bypassPermissions.
Q2: How do you activate planning mode?
A) Only via /plan command
B) Via /plan, Shift+Tab/Alt+M, --permission-mode plan flag, or default config
C) Via --planning flag only
D) Planning is always on
Correct answer: B — Planning mode can be activated via /plan command, Shift+Tab/Alt+M keyboard shortcut, –permission-mode plan CLI flag, or as a default in config.
Q3: What does the opusplan model alias do?
A) Uses only Opus for everything
B) Uses Opus for planning phase and Sonnet for implementation
C) Uses a special planning-optimized model
D) Enables plan mode automatically
Correct answer: B — opusplan uses Opus for the planning phase and Sonnet for the execution phase.
Q4: How do you run Claude in a CI/CD pipeline with structured JSON output and a turn limit?
A) claude --ci --json --limit 3
B) claude -p --output-format json --max-turns 3 "review code"
C) claude --pipeline --format json
D) claude run --json --turns 3
Correct answer: B — Print mode (-p) with --output-format json and --max-turns is the standard CI/CD pattern.
Q5: What is the difference between dontAsk and bypassPermissions modes?
A) They are the same
B) dontAsk auto-denies unless pre-approved; bypassPermissions skips all checks entirely
C) dontAsk is for files; bypassPermissions is for commands
D) bypassPermissions is safer
Correct answer: B — dontAsk auto-denies unless pre-approved. bypassPermissions skips all safety checks entirely.
Test Your Knowledge
Additional Resources
| Resource | Type | What You'll Learn |
|---|---|---|
| Official Checkpointing Documentation | Docs | Automatic checkpoints, rewind options, and retention settings |
| Permission Modes Reference | Reference | default, acceptEdits, plan, auto, bypassPermissions modes |
| Configuration & Settings Guide | Guide | Environment variables, settings.json, and managed enterprise settings |
| Claude Code Changelog | Changelog | Auto mode on Bedrock/Vertex (v2.1.158), cleanupPeriodDays scope (v2.1.117), effort levels |
| cc-context-stats | Community Tool | Real-time context-window zone tracking to know when to rewind |
Claude Code Advanced Features gives you a solid, repeatable workflow. Bookmark this Claude Code Advanced Features guide and revisit the steps whenever you need them.

Combining Planning Mode and Effort: A Step-by-Step Walkthrough
The advanced features covered above are most useful in combination, not isolation. This walkthrough works through a real scenario — migrating a REST endpoint to GraphQL — using planning mode, extended thinking, and permission modes together.
- Start in planning mode with high effort. For an architectural change like this, skip the default mode and go straight to a plan:
Claude investigates the existing endpoint, its callers, and the surrounding schema before proposing anything — nothing gets touched yet.claude --permission-mode plan --effort high "migrate the /api/orders REST endpoint to a GraphQL resolver" - Review the plan before approving it. Press
Ctrl+Gto open the plan in your external editor if it needs detailed edits, such as reordering phases or flagging a step that needs a database migration first. - Escalate reasoning only where it matters. If one phase of the plan involves a genuinely hard design decision — say, how to handle pagination in the new resolver — prefix that specific follow-up with “ultrathink” rather than running the whole session at maximum effort, which wastes time on the mechanical phases.
- Approve and switch modes for execution. Once the plan looks right, approve it. For the mechanical parts (writing the resolver, updating types),
acceptEditskeeps things moving without a prompt for every file. Savedefaultmode — or manual review — for the phase that touches authentication middleware. - Use checkpoints, not memory, to compare approaches. If two implementations of the resolver seem viable, let Claude implement the first, note the checkpoint, rewind, and try the second. Checkpoints capture file edits automatically with every prompt, though they don’t capture Bash filesystem operations like
rm— commit anything permanent to git once you’ve picked a winner. - Verify before merging. Ask Claude to run your test suite and confirm the old REST endpoint’s contract still holds for any consumers that haven’t migrated to GraphQL yet, then commit.
For a lower-touch version of the same workflow, auto mode can handle the same migration with its safety classifier approving routine edits and pausing on anything that resembles a risky change — a reasonable middle ground once you trust the codebase and want fewer manual approvals without going all the way to bypassPermissions.
None of these Claude Code advanced features are complicated on their own — the skill is knowing which one to reach for at each phase of a task, and downgrading back to simpler modes once the hard part is done.
Claude Code Advanced Features: Common Mistakes to Avoid
These advanced features add real power, but they also add ways to shoot yourself in the foot if used carelessly.
- Reaching for bypassPermissions out of impatience on work that isn’t actually a trusted CI/CD pipeline — the name is deliberately alarming for a reason.
- Running every session at maximum effort or with ultrathink, which slows down simple, mechanical requests that didn’t need the extra reasoning time.
- Treating checkpoints as a substitute for git commits, then losing work when a Bash rm or mv isn’t captured by the checkpoint system.
- Enabling sandbox network rules with a broad allowedDomains wildcard and no deniedDomains exceptions, which defeats the purpose of isolating untrusted code.
Claude Code Advanced Features: Best Practices
- Use print mode to script the assistant into pipelines and CI.
- Switch to planning mode before large refactors so you can approve the plan.
- Match the permission mode to the risk of the task, not to convenience alone.
- Route models by task: a faster model for routine edits, a stronger one for hard reasoning.
- Keep advanced configuration in version control so runs are reproducible.

Claude Code Advanced Features: Frequently Asked Questions
What’s the difference between planning mode and auto mode?
Planning mode has Claude propose a plan for you to approve before anything changes. Auto mode lets a safety classifier decide which actions are safe to run without asking, for a more autonomous workflow.
Does extended thinking cost more or run slower?
It adds reasoning time before Claude responds, so complex prompts take longer. Reserve high effort or ultrathink for genuinely hard problems rather than every request.
Is bypassPermissions safe to use routinely?
No — it’s meant for trusted CI/CD pipelines, not everyday interactive work. The alarming name is intentional, signaling that all safety prompts are skipped.
What does sandboxing actually isolate?
OS-level file system and network access. Claude can only reach approved paths and domains, which is useful when working with untrusted code.
Can I use these Claude Code advanced features on Bedrock or Vertex AI?
Some, like auto mode, are gated behind an environment variable and limited model support on those platforms; others, like Ultraplan and computer use, aren’t available there at all.