review-permissions
CommunityAudit Claude Code permission allow rules safely
Software Engineering#claude code#permissions#security audit#command injection#allowlist#secret protection#glob rules
Authorjcdendrite
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps you prevent insecure or overly-permissive Claude Code permissions.allow rules from enabling command injection, secret exposure, or privilege escalation.
Core Features & Use Cases
- Security checklist review: Evaluates each
permissions.allowglob entry against targeted attack categories like injection, flag abuse, path traversal, sensitive file reads, and prompt-manipulated command crafting. - Combination testing: Flags dangerous multi-rule chains (for example, read-then-exfiltrate) rather than assessing rules in isolation.
- Privileged script validation guidance: Confirms that custom privileged scripts follow the documented three-layer strict-shape pattern (exact allow entries, a dedicated
PreToolUse:Bashguard, and script-internal arg validation).
Quick Start
Review the current permissions.allow entries in your .claude/settings.json by asking: "Review my Claude Code permissions.allow rules for security issues and propose tighter replacements."
Dependency Matrix
Required Modules
None requiredComponents
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: review-permissions Download link: https://github.com/jcdendrite/claude-config/archive/main.zip#review-permissions Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.