Permission Patterns
Configure Claude Code permissions for security, productivity, and team compliance.
Quick Reference
| Aspect | Options |
|--------|---------|
| Permission Modes | default, plan, acceptEdits, dontAsk, bypassPermissions |
| Settings Files | ~/.claude/settings.json (user), .claude/settings.json (project) |
| Rule Types | allow, ask, deny |
| Pattern Types | Tool names, Bash commands, file paths, MCP tools |
Permission Modes
| Mode | Behavior | Use Case |
|------|----------|----------|
| default | Prompts on first use of each tool | Standard development |
| plan | Read-only, no modifications | Code review, analysis |
| acceptEdits | Auto-accepts file edits | Trusted editing sessions |
| dontAsk | Auto-denies unless pre-approved | Restricted environments |
| bypassPermissions | Skips all prompts | Trusted automation (use with caution) |
For detailed mode behaviors and switching, see MODES.md.
Permission Rule Precedence
Rules are evaluated in this order (highest to lowest):
- Deny - Blocks tool use (highest priority)
- Ask - Requires confirmation
- Allow - Permits without prompting
Settings file precedence:
- Managed settings (enterprise)
- Command line arguments
- .claude/settings.local.json (local project)
- .claude/settings.json (shared project)
- ~/.claude/settings.json (user)
Basic Configuration
{
  "permissions": {
    "allow": [
      "Bash(git status)",
      "Read"
    ],
    "deny": [
      "Bash(rm -rf *)"
    ],
    "defaultMode": "default"
  }
}
Common Permission Patterns
Git Operations
{
  "permissions": {
    "allow": [
      "Bash(git status)",
      "Bash(git diff:*)",
      "Bash(git log:*)",
      "Bash(git branch:*)",
      "Bash(git checkout:*)"
    ],
    "ask": [
      "Bash(git push:*)",
      "Bash(git commit:*)"
    ]
  }
}
Package Managers
{
  "permissions": {
    "allow": [
      "Bash(npm run *)",
      "Bash(npm test:*)",
      "Bash(bun *)",
      "Bash(yarn *)"
    ]
  }
}
File Operations
{
  "permissions": {
    "allow": [
      "Edit(/src/**/*.ts)",
      "Edit(/tests/**)",
      "Read"
    ],
    "deny": [
      "Edit(/.env)",
      "Edit(/secrets/**)"
    ]
  }
}
For comprehensive patterns including Bash, file paths, and MCP tools, see PATTERNS.md.
Tool Permission Categories
| Category | Default | Examples |
|----------|---------|----------|
| Read-only | No approval | Read, Glob, Grep, LS |
| File modification | Session approval | Edit, Write |
| Bash commands | Per-command approval | Bash |
| Network | Per-request approval | WebFetch |
| MCP tools | Per-tool approval | mcp__server__tool |
Sandboxing
Enable sandboxing for filesystem and network isolation:
/sandbox
Benefits:
- Filesystem isolation (writes restricted to project)
- Network access controls
- Reduced permission prompts
- Maintained security boundaries
Claude Code restricts writes to the project directory and subdirectories by default. Parent directories are protected.
Security Essentials
Always Deny
{
  "permissions": {
    "deny": [
      "Bash(curl *)",
      "Bash(wget *)",
      "Bash(rm -rf *)",
      "Edit(/.env)",
      "Edit(/secrets/**)"
    ]
  }
}
Principle of Least Privilege
Start restrictive, add permissions as needed:
{
  "permissions": {
    "defaultMode": "dontAsk",
    "allow": [
      "Read",
      "Bash(git status)",
      "Bash(npm test)"
    ]
  }
}
For comprehensive security guidance, see SECURITY.md.
CLI Permission Flags
| Flag | Purpose |
|------|---------|
| --permission-mode <mode> | Start in specific mode |
| --allowedTools <patterns> | Pre-approve tools |
| --disallowedTools <patterns> | Block tools |
| --tools <list> | Restrict available tools |
| --dangerously-skip-permissions | Skip all prompts (use with caution) |
Example:
claude --permission-mode plan
claude --allowedTools "Bash(git:*)" "Read"
claude --tools "Bash,Edit,Read"
Managing Permissions
View and manage permissions interactively:
/permissions
Shows:
- All permission rules
- Source settings file for each rule
- Current permission mode
Workflow: Setting Up Project Permissions
Prerequisites
- [ ] Identify tools needed for the project
- [ ] Determine security requirements
- [ ] Check for enterprise managed settings
Steps
- Create project settings
  - [ ] Create .claude/settings.json
  - [ ] Set appropriate defaultMode
  - [ ] Add allow rules for common operations
- Configure sensitive operations
  - [ ] Add ask rules for risky operations
  - [ ] Add deny rules for blocked operations
- Test configuration
  - [ ] Run Claude Code with /permissions
  - [ ] Verify expected prompts appear
  - [ ] Adjust rules as needed
Validation
- [ ] Common operations work without excessive prompts
- [ ] Sensitive operations require confirmation
- [ ] Blocked operations are denied
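The Validation checklist can also be run offline against a parsed settings file before the rules reach a shared repository. The script below is an added example, not part of Claude Code: it applies the deny, ask, allow precedence from this page and reports which "Always Deny" rules are missing. Its matcher is a simplified approximation of the real pattern syntax, and the sample settings, expectations and function names are constructed for illustration.

```python
import fnmatch

# The page's "Always Deny" baseline.
BASELINE_DENY = ["Bash(curl *)", "Bash(wget *)", "Bash(rm -rf *)",
                 "Edit(/.env)", "Edit(/secrets/**)"]

# Constructed sample settings (parsed JSON); wget and /secrets are left out on purpose.
SAMPLE = {"permissions": {
    "allow": ["Read", "Bash(git:*)", "Bash(npm test:*)"],
    "ask": ["Bash(git push:*)"],
    "deny": ["Bash(curl *)", "Bash(rm -rf *)", "Edit(/.env)"],
}}

# Constructed expectations covering the three Validation checklist items.
EXPECTED = [("Bash", "git status", "allow"),
            ("Bash", "git push origin main", "ask"),
            ("Bash", "curl https://example.com", "deny"),
            ("Bash", "wget https://example.com", "deny")]

def rule_matches(rule, tool, arg):
    """Simplified matcher (assumption): bare tool name, 'prefix:*', or a glob."""
    name, _, spec = rule.partition("(")
    if name != tool:
        return False
    if not spec:                       # bare "Read" covers every use of the tool
        return True
    spec = spec[:-1] if spec.endswith(")") else spec
    if spec.endswith(":*"):            # prefix form, e.g. "git push:*"
        return arg.startswith(spec[:-2])
    return fnmatch.fnmatchcase(arg, spec)

def decide(settings, tool, arg=""):
    """Apply the precedence stated on the page: deny, then ask, then allow."""
    perms = settings.get("permissions", {})
    for verdict in ("deny", "ask", "allow"):
        if any(rule_matches(r, tool, arg) for r in perms.get(verdict, [])):
            return verdict
    return "unmatched"                 # left to the active permission mode

def missing_baseline(settings):
    """Baseline deny rules that the settings file does not list verbatim."""
    deny = settings.get("permissions", {}).get("deny", [])
    return [rule for rule in BASELINE_DENY if rule not in deny]

def validate(settings, expected):
    """Return (tool, arg, wanted, got) for every expectation that fails."""
    results = [(t, a, want, decide(settings, t, a)) for t, a, want in expected]
    return [r for r in results if r[2] != r[3]]

if __name__ == "__main__":
    print("missing deny rules:", missing_baseline(SAMPLE))
    print("failed expectations:", validate(SAMPLE, EXPECTED))
```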
Reference Files
| File | Contents |
|------|----------|
| MODES.md | Detailed permission mode behaviors and switching |
| PATTERNS.md | Comprehensive pattern syntax for all tool types |
| SECURITY.md | Security best practices and enterprise policies |