Skip to content

feat(claude): enhance permissions with context-aware safety patterns#4

Open
technicalpickles wants to merge 3 commits intomainfrom
permissions-enhancement
Open

feat(claude): enhance permissions with context-aware safety patterns#4
technicalpickles wants to merge 3 commits intomainfrom
permissions-enhancement

Conversation

@technicalpickles
Copy link
Owner

@technicalpickles technicalpickles commented Jan 25, 2026

Summary

Comprehensive improvements to Claude Code permissions, balancing security with usability through a three-tier system: allow safe patterns, ask for moderate risk, deny catastrophic operations.

New Features

New Ecosystem Files:

  • permissions.beans.json - Beans issue tracker commands
  • permissions.colima.json - Colima container management

New Skill:

  • permissions-manager - Local skill for analyzing and managing permissions
    • /permissions-manager analyze - Generate recommendations
    • /permissions-manager apply - Interactively apply changes
    • /permissions-manager review - Quick status overview

Key Improvements

Safe rm -rf Patterns:

  • Allow safe build artifacts: node_modules, dist, build, target, etc.
  • Use exact matches without wildcards to prevent multi-path deletions
  • Added both relative (dist) and explicit (./dist) variants

Granular sudo Permissions:

  • Allow: systemctl, journalctl, docker (service management)
  • Ask: chmod, chown, shutdown, package managers (moderate risk)
  • Deny: rm -rf, dd, mkfs, fdisk (destructive operations)

Git Force-Push Protection:

  • Explicitly deny force-push to main/master branches
  • Allow safer alternative: --force-with-lease
  • Changed force-push to feature branches from deny → ask
  • Added common safe reset patterns

Shell Utilities:

  • Added 30+ common utilities: bash, awk, rsync, ssh, ps, pkill, sqlite3, yamllint, etc.

Other Changes:

  • Added documentation domains for WebFetch (mise, karafka, lima-vm)
  • Changed MCP destructive operations from deny → ask
  • Added work-specific bktide commands

Security Enhancements

Wildcard Safety:

  • Removed dangerous :* wildcards from rm -rf commands
  • Prevents patterns like rm -rf node_modules /etc from matching
  • Kept wildcards only for truly safe operations

Explicit Denies:

  • Absolute path deletion: /, /*, ~, ~/*, $HOME
  • Parent directory deletion: ., .., ../*
  • Pipe-to-shell: curl | bash, wget | sh
  • Protected branches: force-push to main/master

Documentation

Analysis & Guides:

  • claude-permissions-analysis.md - Full analysis and recommendations
  • claude-permissions-safe-patterns.md - Context-specific safety patterns
  • claude-permissions-wildcard-safety.md - Wildcard security analysis
  • claude-permissions-changes-summary.md - Complete change summary

Privacy Features:

  • Permissions-manager skill auto-redacts project names
  • Timestamped documentation safe for commits
  • Sanitizes paths and domains

Stats

Metric Before After Change
Allow 346 423 +77 (+22%)
Ask 2 25 +23 (+1150%)
Deny 9 25 +16 (+178%)

Cleanup

Removed 37 duplicate permission entries from 16 project files.

Test Plan

  • Tested rm -rf patterns prevent multi-path deletions
  • Verified safe patterns auto-allow (no prompts)
  • Confirmed dangerous patterns prompt or deny
  • Regenerated settings successfully
  • Cleaned up project duplicates

Commits

  • feat(claude): enhance permissions with context-aware safety patterns
  • feat(claude): add permissions-manager skill

🤖 Generated with Claude Code

technicalpickles and others added 3 commits January 24, 2026 17:37
@technicalpickles @claude
feat(claude): enhance permissions with context-aware safety patterns
91c30d3 
New ecosystem files and comprehensive permission improvements.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@technicalpickles @claude
feat(claude): add permissions-manager skill
f3293d4 
New local skill for analyzing and managing Claude Code permissions.

Features:
- analyze: Aggregate permissions and generate recommendations
- apply: Interactively apply permission changes
- review: Quick permission state overview

Privacy & security:
- Automatic redaction of project names and private info
- Timestamped documentation safe for commits
- Wildcard safety analysis
- Interactive confirmation before changes

Includes helper scripts:
- aggregate-permissions.sh: Gather permission data
- redact-projects.sh: Sanitize documentation
- analyze-wildcards.sh: Find dangerous patterns
- generate-recommendations.sh: Create recommendations

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@technicalpickles @claude
refactor(permissions-manager): move docs into skill and use timestamp…
f81a17b 
…ed output

Changes:
- Removed point-in-time analysis docs from repo (will be regenerated)
- Moved general reference guides into skill docs directory
- Updated skill to output to doc/permissions/YYYY-MM-DD/ instead of doc/
- Added doc/permissions/ to .gitignore for generated output
- Skill now creates timestamped directories for all generated files

Generated docs are now:
- Organized by date in doc/permissions/YYYY-MM-DD/
- Automatically gitignored
- Reference guides live in skill docs for easy access

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@technicalpickles