Skill Permissions
Automatically analyze permissions required by all skills in Claude Code and generate one-time authorization commands.
Dangerous Operations Warning
This skill can modify other skill files. The following commands may cause widespread file changes:
| Command | Risk Level | Description |
|---|---|---|
| `/skill-permissions inject` | High | Batch modify all skill SKILL.md files |
| `/skill-permissions allow-all` | Medium | Batch modify settings.json |
| `/skill-permissions allow <name>` | Low | Only modify settings.json |
| `/skill-permissions <name>` | Safe | Read-only analysis, no file modifications |
Recommendations:
- Prefer explicit commands (e.g., `/skill-permissions allow port-allocator`)
- Avoid `inject` or `allow-all` unless you understand the impact
- Run `/skill-permissions` first to see analysis results before batch operations
Usage
| Command | Description |
|---|---|
| `/skill-permissions` | Analyze all skills and show permission summary |
| `/skill-permissions <skill-name>` | Analyze specific skill's permission requirements |
| `/skill-permissions allow <skill-name>` | Execute one-time authorization for specific skill |
| `/skill-permissions allow-all` | Execute one-time authorization for all skills |
| `/skill-permissions inject` | Inject allow command into all skills |
| `/skill-permissions allow` | Execute one-time authorization for this skill |
How It Works
1. Permission Analysis
Scan each skill's SKILL.md file, identifying patterns like:
Bash Command Patterns:
```
find *            → Bash(find *)
ls *              → Bash(ls *)
cat ~/.claude/*   → Bash(cat ~/.claude/*)
lsof -i:3*        → Bash(lsof -i:3*)
git *             → Bash(git *)
npm *             → Bash(npm *)
```
Recognition Rules:
- Bash commands in code blocks (`` ```bash ... ``` ``)
- Inline commands (`` `command` ``)
- Explicitly mentioned system commands
2. Permission Rule Generation
Convert identified commands to permissions.allow rules:
```json
{
  "permissions": {
    "allow": [
      "Bash(find * -name package.json *)",
      "Bash(ls -d *)",
      "Bash(cat ~/.claude/*)",
      "Bash(lsof -i:3*)"
    ]
  }
}
```
Execution Steps
Command: /skill-permissions
Analyze all skills and show permission summary:
- Scan all skills
  ```bash
  find ~/.claude/skills -name "SKILL.md" -type f 2>/dev/null
  ```
- Analyze permissions for each skill
  - Read SKILL.md content
  - Extract bash code blocks
  - Identify command patterns
  - Generate permission rules
- Output analysis results
Command: /skill-permissions <skill-name>
Analyze specific skill's permission requirements:
- Locate skill
  ```bash
  SKILL_PATH=$(find ~/.claude/skills -type d -name "<skill-name>" 2>/dev/null | head -1)
  ```
- Read and analyze SKILL.md
- Output detailed permission list
Command: /skill-permissions allow <skill-name>
Execute one-time authorization for specific skill:
- Analyze skill permission requirements
- Read existing config
- Merge permission rules (deduplicate, preserve existing rules)
- Write config file
- Output authorization result
Blocked Commands
The following command patterns are automatically blocked and won't be added to the allowlist:
Dangerous File Operations
| Command | Reason |
|---|---|
| `rm *` | File deletion, may cause data loss |
| `rm -rf *` | Recursive force delete, extremely dangerous |
| `sudo *` | Super user privileges |
| `chmod 777 *` | Opens all permissions |
Dangerous Process Operations
| Command | Reason |
|---|---|
| `kill -9 *` | Force kill process |
| `pkill *` | Kill processes by name |
| `curl * \| bash` | Remote code execution |
| `eval *` | Dynamic code execution |
Dangerous Git Operations
| Command | Reason |
|---|---|
| `git push --force *` | Force push, may overwrite remote |
| `git reset --hard *` | Hard reset, loses uncommitted changes |
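
The merge and blocklist steps described above, as an added example that is not part of the skill's own code: it merges proposed rules into `permissions.allow`, deduplicates, and skips anything on the Blocked Commands list. It goes one step beyond the page by also rejecting a wider glob such as `Bash(git *)` that would admit a blocked command, assuming `*` matches any run of characters; `blocked_reason`, `merge_allow` and the sample settings are constructed for illustration.

```python
import fnmatch
import re

# Blocked command patterns, copied from the "Blocked Commands" tables on this page.
BLOCKED = [
    "rm *", "rm -rf *", "sudo *", "chmod 777 *", "kill -9 *", "pkill *",
    "curl * | bash", "eval *", "git push --force *", "git reset --hard *",
]
RULE_RE = re.compile(r"^Bash\((.+)\)$")

def blocked_reason(rule):
    """Return the blocked pattern a rule collides with, or None if it is acceptable."""
    m = RULE_RE.match(rule)
    if not m:
        return "not a Bash(...) rule"
    cmd = m.group(1)
    for pat in BLOCKED:
        # Case 1: the rule is itself an instance of a blocked pattern.
        if fnmatch.fnmatchcase(cmd, pat):
            return pat
        # Case 2 (assumption: '*' matches any run of characters): the rule is a
        # wider glob that would also admit a concrete blocked command.
        sample = pat.replace("*", "x")
        if fnmatch.fnmatchcase(sample, cmd):
            return pat
    return None

def merge_allow(settings, proposed):
    """Merge proposed rules into permissions.allow; returns (new_settings, rejected)."""
    perms = dict(settings.get("permissions", {}))
    allow = list(perms.get("allow", []))  # existing rules are kept, in order
    rejected = {}
    for rule in proposed:
        reason = blocked_reason(rule)
        if reason:
            rejected[rule] = reason
        elif rule not in allow:  # deduplicate
            allow.append(rule)
    perms["allow"] = allow
    return {**settings, "permissions": perms}, rejected

# Constructed sample input (not taken from a real settings.json).
EXISTING = {"env": {"EXAMPLE": "1"}, "permissions": {"allow": ["Bash(ls -d *)"], "deny": []}}
PROPOSED = ["Bash(ls -d *)", "Bash(lsof -i:3*)", "Bash(git *)",
            "Bash(rm -rf build)", "Bash(cat ~/.claude/*)"]

if __name__ == "__main__":
    new_settings, rejected = merge_allow(EXISTING, PROPOSED)
    print(new_settings["permissions"]["allow"], rejected)
```

The rejected map is worth showing to the user before writing the config file, since it explains why a detected command did not end up in the allowlist.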
Output Format
Analysis Result (Single Skill)
```
Skill: port-allocator
Location: ~/.claude/skills/port-allocator

Detected commands:
- find ~/Codes -maxdepth 3 -name "package.json"
- ls -d */
- cat ~/.claude/port-registry.json
- lsof -i:3000

Generated permission rules:
- Bash(find * -maxdepth * -name package.json *)
- Bash(ls -d *)
- Bash(cat ~/.claude/*)
- Bash(lsof -i:3*)

Run `/skill-permissions allow port-allocator` to authorize
```
Authorization Success
```
Permission authorization successful

Skill: port-allocator

Added permission rules:
- Bash(find * -maxdepth * -name package.json *)
- Bash(ls -d *)
- Bash(cat ~/.claude/*)
- Bash(lsof -i:3*)

Config file: ~/.claude/settings.json

New permissions take effect in next session, or run /clear to apply immediately
```
Configuration Files
- Permission config: `~/.claude/settings.json`
- Skill directory: `~/.claude/skills/`
First Use
If you encounter permission prompts, first run:
```
/skill-permissions allow
```
Command: /skill-permissions allow
Execute one-time authorization for this skill:
- Read `~/.claude/settings.json`
- Merge the following permissions to `permissions.allow`:
  ```json
  {
    "permissions": {
      "allow": [
        "Bash(find ~/.claude/skills *)",
        "Bash(cat ~/.claude/*)"
      ]
    }
  }
  ```
- Write config file (preserve existing permissions)
- Output authorization result
Notes
- Conservative analysis - Only identify explicitly appearing commands, avoid over-authorization
- Deduplicated merge - New permissions merge with existing, no duplicates
- No deletion - Only adds permissions, won't delete user's existing permission config
- Wildcards - Use `*` to match varying parameter parts
- Session effect - Permission updates require new session or /clear to take effect
- Explicit preferred - Recommend explicit commands over batch operations to reduce risks