Permissions

Overview

Set up proper permissions for AI development tools to balance productivity with security. Auto-allow safe operations, require approval for dangerous ones.

Risk-Based Classification

🟢 Safe Auto-Allow

git status, git log, git diff
npm test, bundle exec rspec
ls, cat, grep, find
curl -s -I http://localhost:*

🔴 Always Require Approval

git push, git push --force
npm publish, gem push
rm -rf, sudo rm
aws *, kubectl *
docker run, docker push

Setup Guidelines

Start restrictive - Begin with minimal auto-approvals
Add incrementally - Approve commands as you encounter them
Monitor usage - Review what commands are requested frequently
Adjust based on patterns - Auto-approve commands you find yourself approving repeatedly

Command Evaluation

Before auto-approving, ask:

Can this command cause data loss?
Can this command expose sensitive information?
Can this command affect production systems?

If any answer is "yes", require manual approval.

Template Available

There's a permission management template in .claude/templates/ that helps you configure AI tool permissions safely using natural language descriptions.

Overview​

Risk-Based Classification​

🟢 Safe Auto-Allow​

🔴 Always Require Approval​

Setup Guidelines​

Command Evaluation​

Template Available​