# Example 02: Shell Execution and File I/O **Capability:** Claude Code runs shell commands and reads/writes files as part of the same task. Shell output becomes input to the next step automatically. **OpenClaw equivalent:** `exec` tool with PTY support + read/write/edit file tools. --- ## The Prompt ``` Create a directory called 'project-scaffold', add these files inside it: 1. package.json with name "my-project", version "0.1.0", and description "A scaffolded project created by Claude Code" 2. README.md with a project overview section and a "Getting Started" section with placeholder install instructions 3. .gitignore for Node.js (node_modules, .env, dist, .DS_Store) Then run 'find project-scaffold -type f' to verify all three files exist and show me the contents of package.json. ``` --- ## What Happens Claude Code will: 1. Use Bash to run `mkdir project-scaffold` 2. Use Write to create each of the three files 3. Use Bash to run `find project-scaffold -type f` and capture the output 4. Use Read to show the contents of `package.json` 5. Report back with the directory tree and file verification --- ## Expected Output You should see Claude use 5 tool calls in sequence. The final output includes a directory tree and file contents: ``` project-scaffold/package.json project-scaffold/README.md project-scaffold/.gitignore ``` And the package.json contents: ```json { "name": "my-project", "version": "0.1.0", "description": "A scaffolded project created by Claude Code" } ``` **How you know it worked:** - A `project-scaffold/` directory exists with 3 files inside - You saw Bash (mkdir), Write (x3), Bash (find), and Read tool calls - No permission prompts appeared for these safe operations (they are pre-approved in settings.json) --- ## Why This Matters Shell execution and file I/O are the foundation of every automation. Claude Code handles both in the same task context, so shell output can feed directly into file content decisions. The permission system controls what shell commands are allowed. In the `settings.json` in this repo, `rm -rf` and a handful of other destructive patterns are blocked by the `pre-tool-use.sh` hook before execution reaches the shell. See `examples/09-security-hooks/` for details.