npx claudepluginhub jpoutrin/product-forge --plugin product-designWant just this skill?
Then install: npx claudepluginhub u/[userId]/[slug]
Reference for configuring tool permissions when launching Claude Code agents. Use when setting up --allowedTools flags, restricting file access, or configuring agent permissions.
This skill uses the workspace's default tool permissions.
Claude Code Tools Reference
Configure tool permissions when launching parallel Claude Code agents.
Available Tools
| Tool | Description | Use Case |
|---|---|---|
Read | Read files | Always needed for context |
Write | Create new files | Creating new code files |
Edit | Modify existing files | Updating existing code |
Bash | Execute shell commands | Running tests, builds, git |
Glob | Find files by pattern | File discovery |
Grep | Search file contents | Code search |
WebFetch | Fetch web content | Documentation lookup |
WebSearch | Search the web | Research |
TodoWrite | Manage task lists | Progress tracking |
Task | Launch sub-agents | Delegation |
NotebookEdit | Edit Jupyter notebooks | Data science |
mcp__<server> | MCP server tools | External integrations |
CLI Syntax
Each tool is a separate quoted argument:
claude --allowedTools "Tool1" "Tool2" "Tool3(...)" --print "prompt"
Example with multiple tools:
claude --allowedTools "Read" "Edit" "Bash(pytest:*)" --print "implement feature"
Path-Specific Restrictions
Restrict file operations to specific directories using gitignore-style patterns.
Path Pattern Syntax
| Pattern | Meaning | Example |
|---|---|---|
//path | Absolute filesystem path | Edit(//Users/alice/src/**) |
~/path | Home directory relative | Read(~/.zshrc) |
/path | Relative to settings file | Edit(/src/**/*.ts) |
path | Relative to current directory | Read(src/**) |
Examples
# Allow editing only in src/ directory
claude --allowedTools "Edit(/src/**)" --print "..."
# Allow editing TypeScript files only
claude --allowedTools "Edit(/src/**/*.ts)" --print "..."
# Multiple path restrictions
claude --allowedTools "Read" "Edit(/apps/users/**)" "Edit(/tests/**)" --print "..."
# Absolute path restriction
claude --allowedTools "Edit(//tmp/scratch.txt)" --print "..."
Bash Command Restrictions
Restrict which shell commands can be executed using prefix matching.
Syntax
Bash(command:*)
The :* wildcard only works at the END of patterns (prefix matching).
Pattern Examples
| Pattern | Matches | Does NOT Match |
|---|---|---|
Bash(pytest:*) | pytest, pytest apps/ | python -m pytest |
Bash(npm run test:*) | npm run test, npm run test:unit | npm run build |
Bash(git log:*) | git log --oneline | git commit |
Bash(git status:*) | git status | git push |
Bash(mypy:*) | mypy apps/ | python -m mypy |
Bash(ruff:*) | ruff check . | python -m ruff |
Example
claude --allowedTools "Bash(pytest:*)" "Bash(mypy:*)" "Bash(ruff:*)" "Read" --print "run tests"
Security Note
Claude Code prevents bypass via shell operators (&&, ;, ||). Be aware:
- Different invocations may bypass patterns (
python -m pytestvspytest) - For URL restrictions, prefer
WebFetch(domain:...)overBash(curl:*)
WebFetch Domain Restrictions
Restrict web fetches to specific domains:
claude --allowedTools "WebFetch(domain:github.com)" "WebFetch(domain:docs.python.org)" --print "..."
MCP Tool Restrictions
Allow All Tools from a Server
claude --allowedTools "mcp__puppeteer" --print "..."
Allow Specific Tool Only
claude --allowedTools "mcp__puppeteer__puppeteer_navigate" --print "..."
Note: MCP permissions do NOT support wildcards (*).
Recommended Configurations
By Task Type
| Task Type | Recommended --allowedTools |
|---|---|
| Implementation | "Read" "Write" "Edit(/apps/myapp/**)" "Bash(pytest:*)" "Bash(mypy:*)" "Glob" "Grep" |
| Code Review | "Read" "Glob" "Grep" (read-only) |
| Testing Only | "Read" "Bash(pytest:*)" "Bash(npm test:*)" |
| Documentation | "Read" "Write(/docs/**)" "Edit(/docs/**)" "WebFetch" |
| Full Access | --dangerously-skip-permissions |
For Parallel Development
When using git worktrees for isolation, --dangerously-skip-permissions is safe:
- Each agent runs in an isolated worktree
- Agents can only affect files in their workspace
- Main branch remains protected until explicit merge
# Safe in isolated worktree
claude --dangerously-skip-permissions --print "$(cat prompts/task-001.txt)"
For Granular Control
When agents share a workspace, use path-scoped permissions:
claude \
--allowedTools \
"Read" \
"Write(/apps/users/**)" \
"Edit(/apps/users/**)" \
"Bash(pytest apps/users/:*)" \
"Bash(mypy apps/users/:*)" \
"Glob" \
"Grep" \
--print "$(cat prompts/task-001.txt)"
Complete Examples
Django App Implementation Agent
claude \
--allowedTools \
"Read" \
"Write(/apps/orders/**)" \
"Edit(/apps/orders/**)" \
"Bash(pytest apps/orders/:*)" \
"Bash(mypy apps/orders/:*)" \
"Bash(ruff check apps/orders/:*)" \
"Glob" \
"Grep" \
--print "Implement order management per task-004 spec"
React Component Agent
claude \
--allowedTools \
"Read" \
"Write(/src/components/Dashboard/**)" \
"Edit(/src/components/Dashboard/**)" \
"Bash(npm run test:*)" \
"Bash(npm run lint:*)" \
"Glob" \
"Grep" \
--print "Implement Dashboard components per task-003 spec"
Read-Only Analysis Agent
claude \
--allowedTools \
"Read" \
"Glob" \
"Grep" \
"WebFetch(domain:docs.python.org)" \
--print "Analyze codebase and suggest improvements"
Quick Reference
| Restriction Type | Syntax |
|---|---|
| Allow tool everywhere | "Edit" |
| Restrict to directory | "Edit(/src/**)" |
| Restrict to file type | "Edit(/src/**/*.ts)" |
| Restrict bash command | "Bash(pytest:*)" |
| Restrict web domain | "WebFetch(domain:github.com)" |
| Allow MCP server | "mcp__puppeteer" |
| Allow specific MCP tool | "mcp__puppeteer__puppeteer_navigate" |
| Skip all permissions | --dangerously-skip-permissions |
Common Patterns
Task-Scoped Permissions
Match permissions to task boundaries:
# Task owns apps/users/
--allowedTools "Edit(/apps/users/**)" "Write(/apps/users/**)"
# Task owns apps/orders/
--allowedTools "Edit(/apps/orders/**)" "Write(/apps/orders/**)"
Test Commands Only
--allowedTools "Read" "Bash(pytest:*)" "Bash(npm test:*)" "Bash(go test:*)"
Documentation Writer
--allowedTools "Read" "Write(/docs/**)" "Edit(/docs/**)" "WebFetch" "WebSearch"
Infrastructure Agent
--allowedTools "Read" "Edit(/terraform/**)" "Edit(/docker-compose.yml)" "Bash(terraform:*)" "Bash(docker:*)"
Similar Skills
Activates when the user asks about AI prompts, needs prompt templates, wants to search for prompts, or mentions prompts.chat. Use for discovering, retrieving, and improving prompts.
Search, retrieve, and install Agent Skills from the prompts.chat registry using MCP tools. Use when the user asks to find skills, browse skill catalogs, install a skill for Claude, or extend Claude's capabilities with reusable AI agent components.
Creating algorithmic art using p5.js with seeded randomness and interactive parameter exploration. Use this when users request creating art using code, generative art, algorithmic art, flow fields, or particle systems. Create original algorithmic art rather than copying existing artists' work to avoid copyright violations.