Give Claude Code broad permissions and it will use them. That's becoming a consistent experience for developers running the tool in agentic mode - where it can read files, run commands, and make changes without stopping to ask for approval at each step.
The behavior shows up predictably: start a session with "fix the bug in my authentication flow" and wide-open tool access, and Claude Code may read a dozen files, run several test commands, check dependencies, and poke at adjacent issues before reporting back. Every one of those steps costs tokens - the units of text that AI models process, which translate directly to API billing or subscription limits.
This isn't a bug. Agentic tools are designed to work autonomously, which means gathering context before acting. The question is how much context is actually necessary for a given task. Claude Code tends toward thorough - sometimes more thorough than the task warrants. Developers using Claude Code via the API and paying per token have noticed unexpected costs from sessions where the model explored far more of the codebase than the task required.
Anthropic has been iterating on the model's judgment about when to gather more context versus when to act directly, but the current behavior still leans toward doing more rather than less. For most tasks, that thoroughness produces better results - the model catches related issues and avoids making changes that break adjacent functionality. The tradeoff is cost and session length.
The practical fix is tighter scoping. Pointing Claude Code at a specific directory rather than a full project, or specifying which files are relevant in your prompt, reduces unnecessary exploration significantly. For users on subscription plans with generous usage limits, this is mostly a minor annoyance. For developers on API billing running complex sessions, it's worth monitoring costs per session on larger tasks.