Add command permission rules to both Claude Code and Codex
Adds command permission rules to both Claude Code and Codex for allow, prompt, or deny behavior.
/plugin marketplace add DuncanJurman/entropy-plugins
/plugin install meta-unify@entropy-marketplace

You are helping the user add command permission rules to both Claude Code and Codex.
How rules work:
- permissions in settings.json with allow, ask, deny arrays
- ~/.codex/rules/*.rules with prefix_rule() function

Both systems control which shell commands can run and whether to prompt for confirmation.
Parse $ARGUMENTS for rule details:
Check for these flags in $ARGUMENTS:
- --claude-only: Only configure Claude Code
- --codex-only: Only configure Codex
- --project: Use project scope for Claude (Codex rules are always user-scope)

| User Intent | Claude (permissions) | Codex (Starlark) |
|---|---|---|
| "allow", "permit", "always run" | allow array | decision = "allow" |
| "ask", "confirm", "prompt" | ask array | decision = "prompt" |
| "deny", "block", "forbid", "never" | deny array | decision = "forbidden" |
If the user provided sufficient context, proceed to Step 2.
If missing required information, ask conversationally:
"I'll help you add a command permission rule. I need to know:
- What command should this rule match? (e.g., 'git push', 'rm -rf', 'npm publish')
- What should happen? Allow it, ask for confirmation, or block it?
- Why? (optional but helps document the rule)"
Target file:
- ~/.claude/settings.json
- .claude/settings.json

Format:
{
  "permissions": {
    "allow": ["Bash(npm test:*)"],
    "ask": ["Bash(git push:*)"],
    "deny": ["Bash(rm -rf:*)"]
  }
}
Pattern syntax:
- Bash(command:*) - Match command with any arguments
- Bash(git push:*) - Match "git push" with any args
- Bash(npm run:*) - Match "npm run" with any args
- Bash(rm -rf:*) - Match dangerous rm commands

Target file: ~/.codex/rules/meta-unify.rules
Format:
# Rule: DESCRIPTION
prefix_rule(
    pattern = ["command", "subcommand"],
    decision = "prompt",
    justification = "REASON_HERE",
)
Pattern syntax:
- ["git", "push"] matches git push
- ["git", ["push", "force-push"]]

Decision values:
- "allow" - Run without prompting
- "prompt" - Ask before each invocation
- "forbidden" - Block without prompting

For Claude:
For Codex:
- ~/.codex/rules/ exists, create if not
- meta-unify.rules

If one system fails:
"Claude rule added successfully, but Codex rule failed: [ERROR] Keep Claude changes? [y/n]"
Report success:
"Added permission rule for 'git push':

Claude Code: Added to ask array in ~/.claude/settings.json
"ask": ["Bash(git push:*)"]

Codex: Added to ~/.codex/rules/meta-unify.rules
prefix_rule(
    pattern = ["git", "push"],
    decision = "prompt",
    justification = "Confirm before pushing to remote"
)

Both systems will now ask for confirmation before running git push."
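
The intent mapping table and the two rule formats above can be applied mechanically. The following is an added example, not code from the plugin: the names `INTENTS`, `build_rules` and `merge_claude` are hypothetical, and removing a pattern from the other two Claude arrays when its decision changes is a choice made here so that one pattern never carries two decisions.

```python
import json
import shlex

# Intent keyword -> (Claude permissions array, Codex decision), per the mapping table.
_ALLOW, _ASK, _DENY = ("allow", "allow"), ("ask", "prompt"), ("deny", "forbidden")
INTENTS = {
    "allow": _ALLOW, "permit": _ALLOW, "always run": _ALLOW,
    "ask": _ASK, "confirm": _ASK, "prompt": _ASK,
    "deny": _DENY, "block": _DENY, "forbid": _DENY, "never": _DENY,
}

def build_rules(command, intent, justification):
    """Return (claude_array, claude_entry, codex_rule_text) for one command prefix."""
    if intent not in INTENTS:
        raise ValueError(f"unknown intent: {intent!r}")
    tokens = shlex.split(command)
    # Reject control characters so nothing breaks out of the comment or string literals.
    if not tokens or not all(s.isprintable() for s in tokens + [justification]):
        raise ValueError("command must be non-empty; all text must be printable")
    claude_array, codex_decision = INTENTS[intent]
    claude_entry = f"Bash({' '.join(tokens)}:*)"
    # Assumption: json.dumps output is used as the Starlark string/list literal.
    codex_rule = (
        f"# Rule: {justification}\n"
        "prefix_rule(\n"
        f"    pattern = {json.dumps(tokens)},\n"
        f"    decision = {json.dumps(codex_decision)},\n"
        f"    justification = {json.dumps(justification)},\n"
        ")\n"
    )
    return claude_array, claude_entry, codex_rule

def merge_claude(settings, claude_array, entry):
    """Add entry to one permissions array and remove it from the other two."""
    perms = settings.setdefault("permissions", {})
    for name in ("allow", "ask", "deny"):
        items = [e for e in perms.get(name, []) if e != entry]
        if name == claude_array:
            items.append(entry)
        if items or name in perms:
            perms[name] = items
    return settings

if __name__ == "__main__":
    # Constructed sample: settings that currently allow git push.
    current = {"permissions": {"allow": ["Bash(npm test:*)", "Bash(git push:*)"]}}
    array, entry, rule = build_rules("git push", "confirm", "Confirm before pushing to remote")
    print(json.dumps(merge_claude(current, array, entry), indent=2))
    print(rule)
```
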
User input: "Require confirmation before git push"
- "ask": ["Bash(git push:*)"]
- prefix_rule(pattern=["git", "push"], decision="prompt")

User input: "Block all rm -rf commands"
- "deny": ["Bash(rm -rf:*)"]
- prefix_rule(pattern=["rm", "-rf"], decision="forbidden")

User input: "Always allow npm test"
- "allow": ["Bash(npm test:*)"]
- prefix_rule(pattern=["npm", "test"], decision="allow")

For complete format specifications, invoke the meta-unify-core skill to access: