OpenSkillIndex← back to search
claude-code

Marketplace skill-permissions

Skill permission analysis, one-time authorization, analyze skill permissions, batch authorization

install
source · Clone the upstream repo
git clone https://github.com/aiskillstore/marketplace
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/aiskillstore/marketplace "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/guo-yu/skill-permissions" ~/.claude/skills/aiskillstore-marketplace-skill-permissions && rm -rf "$T"
manifest: skills/guo-yu/skill-permissions/SKILL.md
source content

Skill Permissions

Automatically analyze permissions required by all skills in Claude Code and generate one-time authorization commands.

Dangerous Operations Warning

This skill can modify other skill files. The following commands may cause widespread file changes:

CommandRisk LevelDescription
/skill-permissions inject
HighBatch modify all skill SKILL.md files
/skill-permissions allow-all
MediumBatch modify settings.json
/skill-permissions allow <name>
LowOnly modify settings.json
/skill-permissions <name>
SafeRead-only analysis, no file modifications

Recommendations:

  • Prefer explicit commands (e.g., 
    /skill-permissions allow port-allocator
    )
  • Avoid 
    inject
    or 
    allow-all
    unless you understand the impact
  • Run 
    /skill-permissions
    first to see analysis results before batch operations

Usage

CommandDescription
/skill-permissions
Analyze all skills and show permission summary
/skill-permissions <skill-name>
Analyze specific skill's permission requirements
/skill-permissions allow <skill-name>
Execute one-time authorization for specific skill
/skill-permissions allow-all
Execute one-time authorization for all skills
/skill-permissions inject
Inject allow command into all skills
/skill-permissions allow
Execute one-time authorization for this skill

How It Works

1. Permission Analysis

Scan skill's SKILL.md file, identifying patterns like:

Bash Command Patterns:

find * → Bash(find *)
ls * → Bash(ls *)
cat ~/.claude/* → Bash(cat ~/.claude/*)
lsof -i:3* → Bash(lsof -i:3*)
git * → Bash(git *)
npm * → Bash(npm *)

Recognition Rules:

  • Bash commands in code blocks (
    bash ...
    )
  • Inline commands (
    command
    )
  • Explicitly mentioned system commands

2. Permission Rule Generation

Convert identified commands to 

permissions.allow
rules:

{
  "permissions": {
    "allow": [
      "Bash(find * -name package.json *)",
      "Bash(ls -d *)",
      "Bash(cat ~/.claude/*)",
      "Bash(lsof -i:3*)"
    ]
  }
}

Execution Steps

Command: 
/skill-permissions

Analyze all skills and show permission summary:

  1. Scan all skills

    find ~/.claude/skills -name "SKILL.md" -type f 2>/dev/null

  2. Analyze permissions for each skill

    • Read SKILL.md content
    • Extract bash code blocks
    • Identify command patterns
    • Generate permission rules

  3. Output analysis results

Command: 
/skill-permissions <skill-name>

Analyze specific skill's permission requirements:

  1. Locate skill

    SKILL_PATH=$(find ~/.claude/skills -type d -name "<skill-name>" 2>/dev/null | head -1)

  2. Read and analyze SKILL.md

  3. Output detailed permission list

Command: 
/skill-permissions allow <skill-name>

Execute one-time authorization for specific skill:

  1. Analyze skill permission requirements
  2. Read existing config
  3. Merge permission rules (deduplicate, preserve existing rules)
  4. Write config file
  5. Output authorization result

Blocked Commands

The following command patterns are automatically blocked and won't be added to the allowlist:

Dangerous File Operations

CommandReason
rm *
File deletion, may cause data loss
rm -rf *
Recursive force delete, extremely dangerous
sudo *
Super user privileges
chmod 777 *
Opens all permissions

Dangerous Process Operations

CommandReason
kill -9 *
Force kill process
pkill *
Kill processes by name
curl * | bash
Remote code execution
eval *
Dynamic code execution

Dangerous Git Operations

CommandReason
git push --force *
Force push, may overwrite remote
git reset --hard *
Hard reset, loses uncommitted changes

Output Format

Analysis Result (Single Skill)

Skill: port-allocator
Location: ~/.claude/skills/port-allocator

Detected commands:
  - find ~/Codes -maxdepth 3 -name "package.json"
  - ls -d */
  - cat ~/.claude/port-registry.json
  - lsof -i:3000

Generated permission rules:
  - Bash(find * -maxdepth * -name package.json *)
  - Bash(ls -d *)
  - Bash(cat ~/.claude/*)
  - Bash(lsof -i:3*)

Run `/skill-permissions allow port-allocator` to authorize

Authorization Success

Permission authorization successful

Skill: port-allocator

Added permission rules:
  - Bash(find * -maxdepth * -name package.json *)
  - Bash(ls -d *)
  - Bash(cat ~/.claude/*)
  - Bash(lsof -i:3*)

Config file: ~/.claude/settings.json

New permissions take effect in next session, or run /clear to apply immediately

Configuration Files

  • Permission config: 
    ~/.claude/settings.json
  • Skill directory: 
    ~/.claude/skills/

First Use

If you encounter permission prompts, first run:

/skill-permissions allow

Command: 
/skill-permissions allow

Execute one-time authorization for this skill:

  1. Read 
    ~/.claude/settings.json
  2. Merge the following permissions to 
    permissions.allow
    :
{
  "permissions": {
    "allow": [
      "Bash(find ~/.claude/skills *)",
      "Bash(cat ~/.claude/*)"
    ]
  }
}
  1. Write config file (preserve existing permissions)
  2. Output authorization result

Notes

  1. Conservative analysis - Only identify explicitly appearing commands, avoid over-authorization
  2. Deduplicated merge - New permissions merge with existing, no duplicates
  3. No deletion - Only adds permissions, won't delete user's existing permission config
  4. Wildcards - Use 
    *
    to match varying parameter parts
  5. Session effect - Permission updates require new session or /clear to take effect
  6. Explicit preferred - Recommend explicit commands over batch operations to reduce risks