permission-management

Permission Management Skill

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "permission-management" with this command: npx skills add melodic-software/claude-code-plugins/melodic-software-claude-code-plugins-permission-management

Permission Management Skill

MANDATORY: Invoke docs-management First

STOP - Before providing ANY response about Claude Code permissions:

  • INVOKE docs-management skill

  • QUERY for the user's specific topic

  • BASE all responses EXCLUSIVELY on official documentation loaded

Skipping this step results in outdated or incorrect information.

Verification Checkpoint

Before responding, verify:

  • Did I invoke docs-management skill?

  • Did official documentation load?

  • Is my response based EXCLUSIVELY on official docs?

If ANY checkbox is unchecked, STOP and invoke docs-management first.

Overview

Central authority for Claude Code permissions. This skill uses 100% delegation to docs-management - it contains NO duplicated official documentation.

Architecture: Pure delegation with keyword registry. All official documentation is accessed via docs-management skill queries.

When to Use This Skill

Keywords: permissions, allow rules, deny rules, ask rules, permission modes, defaultMode, acceptEdits, bypassPermissions, plan mode, tool permissions, Bash permissions, Read permissions, Edit permissions, WebFetch permissions, MCP permissions, additionalDirectories, /permissions

Use this skill when:

  • Configuring permission rules

  • Understanding permission modes

  • Setting up tool-specific permissions

  • Troubleshooting permission issues

  • Adding additional working directories

  • Understanding rule precedence

Keyword Registry for docs-management Queries

Use these keywords when querying docs-management skill for official documentation:

Permission System

Topic Keywords

Overview "permission system", "tiered permissions", "approval required"

Configuration "configuring permissions", "/permissions command"

Rule Types "allow rules", "ask rules", "deny rules"

Precedence "rule precedence", "deny > ask > allow"

Permission Modes

⚠️ STALENESS WARNING: Do NOT hardcode permission mode names or values. Query docs-management for the authoritative list of permission modes.

Topic Query Pattern What You'll Find

All Modes "iam.md permission modes" Complete list of available modes

Mode Behavior "iam.md defaultMode acceptEdits" Mode descriptions and effects

Mode Configuration "iam.md configuring permission mode" How to set modes

Tool-Specific Rules

⚠️ STALENESS WARNING: Do NOT hardcode tool names or pattern syntax. Query docs-management for the authoritative list of tools and permission patterns.

Topic Query Pattern What You'll Find

Bash Rules "iam.md Bash permissions pattern matching" Bash permission syntax

File Rules "iam.md Read Edit permissions gitignore" File permission patterns

Path Patterns "iam.md path pattern types" Absolute, home, relative patterns

WebFetch Rules "iam.md WebFetch domain permissions" Domain pattern syntax

MCP Rules "iam.md MCP permissions mcp__server" MCP tool permission syntax

Security Considerations (v2.1.6+)

⚠️ SECURITY: These topics cover security-sensitive permission behaviors. Query docs-management for the authoritative guidance.

Topic Query Pattern What You'll Find

Wildcard + Shell Operators "iam.md wildcard rules shell operators compound commands" SECURITY FIX (v2.1.7): Wildcard rules matching compound commands

Line Continuation Bypass "iam.md permission bypass line continuation" SECURITY FIX (v2.1.6): Shell line continuation escape prevention

Working Directories

Topic Keywords

Additional Dirs "additionalDirectories", "--add-dir"

Working Directory "working directories", "file access scope"

Quick Decision Tree

What do you want to do?

  • Set up allow rules -> Query docs-management: "allow rules", "auto-approve"

  • Set up deny rules -> Query docs-management: "deny rules", "prevent usage"

  • Set up ask rules -> Query docs-management: "ask rules", "confirmation required"

  • Change permission mode -> Query docs-management: "permission modes", "defaultMode"

  • Configure Bash permissions -> Query docs-management: "Bash permissions", "Bash pattern matching"

  • Configure file permissions -> Query docs-management: "Read Edit permissions", "gitignore-style"

  • Add working directories -> Query docs-management: "additionalDirectories", "--add-dir"

  • Configure MCP permissions -> Query docs-management: "MCP permissions", "mcp__server"

Topic Coverage

Permission System Topics

  • Tiered permission model (read-only, bash, file modification)

  • Allow rules (auto-approve)

  • Ask rules (confirmation required)

  • Deny rules (prevent usage)

  • Rule precedence (deny > ask > allow)

  • Permission rule format

Permission Modes Topics

  • default mode (standard prompting)

  • acceptEdits mode (auto-accept file edits)

  • plan mode (analyze only, no modifications)

  • bypassPermissions mode (skip all prompts)

Tool Permission Rules

  • Bash permission patterns (exact match, prefix match)

  • Bash pattern limitations

  • Read and Edit gitignore-style patterns

  • Path pattern types (absolute, home, relative)

  • WebFetch domain permissions

  • MCP tool permissions (no wildcards)

  • Hooks for custom permission evaluation

Working Directories Topics

  • additionalDirectories configuration

  • --add-dir CLI flag

  • Scope of file access

Troubleshooting Quick Reference

Issue Keywords for docs-management

Permission too restrictive "allow rules", "auto-approve"

Permission too permissive "deny rules", "prevent usage"

Wrong mode active "permission modes", "defaultMode"

MCP tools blocked "MCP permissions", "mcp__server"

Can't access files "additionalDirectories", "--add-dir"

Related Skills

  • sandbox-configuration - For sandboxing and isolation

  • enterprise-security - For managed policies

  • settings-management - For general configuration

Version History

v1.1.0 (2026-01-16): Security fixes keyword registry

  • Added Security Considerations section (v2.1.6+)

  • Added wildcard + shell operators security fix keywords (v2.1.7)

  • Added line continuation bypass security fix keywords (v2.1.6)

v1.0.0 (2025-11-30): Initial release (split from security-meta)

  • Focused on permissions only

  • Pure delegation architecture

  • Comprehensive keyword registry

Last Updated

Date: 2026-01-16 Model: claude-opus-4-5-20251101

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Coding

design-thinking

No summary provided by upstream source.

Repository SourceNeeds Review
109-melodic-software
Coding

plantuml-syntax

No summary provided by upstream source.

Repository SourceNeeds Review
77-melodic-software
Coding

system-prompt-engineering

No summary provided by upstream source.

Repository SourceNeeds Review
59-melodic-software
Coding

resume-optimization

No summary provided by upstream source.

Repository SourceNeeds Review
53-melodic-software