Skill

permissions-patterns

Knowledge about Claude Code permission patterns, safe defaults, and settings.local.json structure. Use when discussing permissions, configuring project settings, or analyzing what commands should be auto-approved.

Install

npx claudepluginhub jobrien127/plugin-marketplace --plugin permissions-manager

Tool Access

This skill uses the workspace's default tool permissions.

Preview

This skill provides comprehensive knowledge about Claude Code permission management.

Supporting Assets

references/safe-patterns.mdreferences/settings-schema.md

SKILL.md

Similar Skills

cache-components

Guides Next.js Cache Components and Partial Prerendering (PPR) with cacheComponents enabled. Implements 'use cache', cacheLife(), cacheTag(), revalidateTag(), static/dynamic optimization, and cache debugging.

cache-components

139.2k

mcp-builder

9 files

Guides building MCP servers enabling LLMs to interact with external services via tools. Covers best practices, TypeScript/Node (MCP SDK), Python (FastMCP).

anthropics-skills-13

124.2k

canvas-design

20 files

Generates original PNG/PDF visual art via design philosophy manifestos for posters, graphics, and static designs on user request.

anthropics-skills-13

124.2k

Stats

Parent Repo Stars0

Parent Repo Forks0

Last CommitApr 24, 2026

Actions

View Source View Plugin View on GitHub View README

Permissions Patterns Knowledge

This skill provides comprehensive knowledge about Claude Code permission management.

Permission Syntax

Claude Code uses a pattern-based permission system in settings.local.json:

Tool(qualifier:pattern)

Examples:

Bash(npm test:*) - Allow npm test with any arguments
Bash(git status:*) - Allow git status
WebFetch(domain:github.com) - Allow fetching from GitHub
Read(path:/project/**) - Allow reading files in /project

Permission Categories

Category A: Read-Only (Always Safe)

These commands only read data and cannot modify the system:

Command	Purpose
`find`	Locate files
`ls`	List directory contents
`grep`	Search file contents
`cat`	Display file contents
`head`	Show beginning of file
`tail`	Show end of file
`stat`	File statistics
`file`	Determine file type
`pwd`	Print working directory
`which`	Locate commands
`tree`	Directory structure

Category B: Project Verification (Safe with context)

Commands that verify project state without modifying it:

Command	Purpose
`git status`	Working tree status
`git diff`	Show changes
`git log`	Commit history
`git check-ignore`	Check gitignore
`npm run test`	Run tests
`npm run lint`	Run linter
`npx tsc --noEmit`	Type checking
`gh pr view`	View PR details
`gh pr diff`	View PR diff

Category C: Setup/Install (Require confirmation)

These modify node_modules or install dependencies:

Command	Purpose	Risk
`npm install`	Install dependencies	Network + disk
`npm ci`	Clean install	Network + disk
`yarn install`	Install dependencies	Network + disk
`stow`	Symlink management	Modifies home dir
`pip install`	Python packages	Network + disk
`cargo build`	Rust compilation	Disk

Category D: Dangerous (Always ask)

Never auto-approve these:

Command	Risk
`rm`	Data loss
`git push`	Remote modification
`git commit`	History modification
`git reset`	History loss
`git rebase`	History rewrite

Project Type Detection

Detect project types from manifest files:

File	Project Type	Suggested Permissions
`package.json`	Node.js	npm/yarn commands
`Cargo.toml`	Rust	cargo commands
`pyproject.toml`	Python	pip/poetry commands
`go.mod`	Go	go commands
`Makefile`	Make-based	make targets
`Gemfile`	Ruby	bundle commands
`composer.json`	PHP	composer commands

Best Practices

Start minimal - Only approve what's needed
Use wildcards carefully - Bash(npm:*) is too broad
Be specific - Bash(npm run test:*) is better than Bash(npm:*)
Review periodically - Remove unused permissions
Project-specific - Use settings.local.json, not global settings

References

For detailed patterns and schema, see:

references/safe-patterns.md - Complete pattern lists
references/settings-schema.md - Settings file structure