According to monitoring by Beating, Claude Code has removed the dedicated Grep (text search) and Glob (filename matching) tools starting from version 2.1.117, with all file operations now executed through Bash. Bash is a general command-line tool capable of much more than just file searching; it also includes high-risk operations such as deleting, modifying, and installing software. Anthropic engineer Adam Wolff stated that the change has increased speed, noting, 'It took four months to remove these tools, which is much harder than adding them.' Amp Code CEO Quinn Slack pointed out that this change disrupts the existing permission management logic. Previously, users could set permissions by tool type: read-only tools like Grep and Glob were automatically permitted, while Bash commands required manual approval one by one. Now that all operations go through Bash, this tiered approval system is ineffective: users must either approve each shell command individually (which is extremely inefficient) or allow all commands (resulting in a loss of security control). Slack believes this exposes a more fundamental issue: using deterministic rules to manage agent permissions is unworkable. The model can bypass classifications using various equivalent expressions, such as using bash(grep query | head -n 10) instead of dedicated search tools, or inline calling sed, perl, or python to execute arbitrary operations. He mentioned that the Amp team has attempted to automatically parse Bash commands to assess their safety, 'which could reduce the approval workload by about half, but the remaining amount is still too much.'