auto-approve-security
CommunityHarden auto-approve permission security
Software Engineering#security#hooks#code-execution#threat-model#auto-approve#deny-rules#exploit-chain
Authorshellicar
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill documents the threat model and mitigations for auto-approve permission systems so that autonomous edit-and-execute workflows do not enable arbitrary code execution or configuration poisoning.
Core Features & Use Cases
- Exploit chain analysis: Step-by-step attack paths (edit+execute, script injection, git hooks, config poisoning) and how each is mitigated.
- Concrete mitigations: Clear deny/allow rule recommendations, PreToolUse hook constraints, and filesystem protections for settings, hooks, and skills.
- Audit checklist & testing notes: Practical tests and verified outcomes to validate that deny rules and hooks are effective in real sessions.
Quick Start
Ask Claude to evaluate a new auto-approve request against the documented threat model and return any security gaps, required deny rules, and recommended PreToolUse hook updates.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: auto-approve-security Download link: https://github.com/shellicar/skills/archive/main.zip#auto-approve-security Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.