aiskillstore/skill-permissions
skills/guo-yu/skill-permissions/SKILL.md
Skill permission analysis, one-time authorization, analyze skill permissions, batch authorization
$ install --global
skillsauthnpx skillsauth add aiskillstore/marketplace skill-permissionsInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 31, 2026, 3:06 AM52.2s4 files scanned
SKILL.md
- name:
- skill-permissions
- description:
- Skill permission analysis, one-time authorization, analyze skill permissions, batch authorization
Skill Permissions
Automatically analyze permissions required by all skills in Claude Code and generate one-time authorization commands.
Dangerous Operations Warning
This skill can modify other skill files. The following commands may cause widespread file changes:
| Command | Risk Level | Description |
|---------|------------|-------------|
| /skill-permissions inject | High | Batch modify all skill SKILL.md files |
| /skill-permissions allow-all | Medium | Batch modify settings.json |
| /skill-permissions allow <name> | Low | Only modify settings.json |
| /skill-permissions <name> | Safe | Read-only analysis, no file modifications |
Recommendations:
- Prefer explicit commands (e.g.,
/skill-permissions allow port-allocator) - Avoid
injectorallow-allunless you understand the impact - Run
/skill-permissionsfirst to see analysis results before batch operations
Usage
| Command | Description |
|---------|-------------|
| /skill-permissions | Analyze all skills and show permission summary |
| /skill-permissions <skill-name> | Analyze specific skill's permission requirements |
| /skill-permissions allow <skill-name> | Execute one-time authorization for specific skill |
| /skill-permissions allow-all | Execute one-time authorization for all skills |
| /skill-permissions inject | Inject allow command into all skills |
| /skill-permissions allow | Execute one-time authorization for this skill |
How It Works
1. Permission Analysis
Scan skill's SKILL.md file, identifying patterns like:
Bash Command Patterns:
find * → Bash(find *)
ls * → Bash(ls *)
cat ~/.claude/* → Bash(cat ~/.claude/*)
lsof -i:3* → Bash(lsof -i:3*)
git * → Bash(git *)
npm * → Bash(npm *)
Recognition Rules:
- Bash commands in code blocks (
bash ...) - Inline commands (
command) - Explicitly mentioned system commands
2. Permission Rule Generation
Convert identified commands to permissions.allow rules:
{
"permissions": {
"allow": [
"Bash(find * -name package.json *)",
"Bash(ls -d *)",
"Bash(cat ~/.claude/*)",
"Bash(lsof -i:3*)"
]
}
}
Execution Steps
Command: /skill-permissions
Analyze all skills and show permission summary:
-
Scan all skills
find ~/.claude/skills -name "SKILL.md" -type f 2>/dev/null -
Analyze permissions for each skill
- Read SKILL.md content
- Extract bash code blocks
- Identify command patterns
- Generate permission rules
-
Output analysis results
Command: /skill-permissions <skill-name>
Analyze specific skill's permission requirements:
-
Locate skill
SKILL_PATH=$(find ~/.claude/skills -type d -name "<skill-name>" 2>/dev/null | head -1) -
Read and analyze SKILL.md
-
Output detailed permission list
Command: /skill-permissions allow <skill-name>
Execute one-time authorization for specific skill:
- Analyze skill permission requirements
- Read existing config
- Merge permission rules (deduplicate, preserve existing rules)
- Write config file
- Output authorization result
Blocked Commands
The following command patterns are automatically blocked and won't be added to the allowlist:
Dangerous File Operations
| Command | Reason |
|---------|--------|
| rm * | File deletion, may cause data loss |
| rm -rf * | Recursive force delete, extremely dangerous |
| sudo * | Super user privileges |
| chmod 777 * | Opens all permissions |
Dangerous Process Operations
| Command | Reason |
|---------|--------|
| kill -9 * | Force kill process |
| pkill * | Kill processes by name |
| curl * \| bash | Remote code execution |
| eval * | Dynamic code execution |
Dangerous Git Operations
| Command | Reason |
|---------|--------|
| git push --force * | Force push, may overwrite remote |
| git reset --hard * | Hard reset, loses uncommitted changes |
Output Format
Analysis Result (Single Skill)
Skill: port-allocator
Location: ~/.claude/skills/port-allocator
Detected commands:
- find ~/Codes -maxdepth 3 -name "package.json"
- ls -d */
- cat ~/.claude/port-registry.json
- lsof -i:3000
Generated permission rules:
- Bash(find * -maxdepth * -name package.json *)
- Bash(ls -d *)
- Bash(cat ~/.claude/*)
- Bash(lsof -i:3*)
Run `/skill-permissions allow port-allocator` to authorize
Authorization Success
Permission authorization successful
Skill: port-allocator
Added permission rules:
- Bash(find * -maxdepth * -name package.json *)
- Bash(ls -d *)
- Bash(cat ~/.claude/*)
- Bash(lsof -i:3*)
Config file: ~/.claude/settings.json
New permissions take effect in next session, or run /clear to apply immediately
Configuration Files
- Permission config:
~/.claude/settings.json - Skill directory:
~/.claude/skills/
First Use
If you encounter permission prompts, first run:
/skill-permissions allow
Command: /skill-permissions allow
Execute one-time authorization for this skill:
- Read
~/.claude/settings.json - Merge the following permissions to
permissions.allow:
{
"permissions": {
"allow": [
"Bash(find ~/.claude/skills *)",
"Bash(cat ~/.claude/*)"
]
}
}
- Write config file (preserve existing permissions)
- Output authorization result
Notes
- Conservative analysis - Only identify explicitly appearing commands, avoid over-authorization
- Deduplicated merge - New permissions merge with existing, no duplicates
- No deletion - Only adds permissions, won't delete user's existing permission config
- Wildcards - Use
*to match varying parameter parts - Session effect - Permission updates require new session or /clear to take effect
- Explicit preferred - Recommend explicit commands over batch operations to reduce risks
Related Skills
aiskillstore/hig-components-content
development
VerifiedTrustedCommunity
Apple Human Interface Guidelines for content display components. Use this skill when the user asks about charts component, collection view, image view, web view, color well, image well, activity view, lockup, data visualization, content display, displaying images, rendering web content, color pickers, or presenting collections of items in Apple apps. Also use when the user says how should I display charts, what's the best way to show images, should I use a web view, how do I build a grid of items, what component shows media, or how do I present a share sheet. Cross-references: hig-foundations for color/typography/accessibility, hig-patterns for data visualization patterns, hig-components-layout for structural containers, hig-platforms for platform-specific component behavior.
244SKILL.mdUpdated Apr 10, 2026
aiskillstore/helpdesk-automation
tools
VerifiedTrustedCommunity
Automate HelpDesk tasks via Rube MCP (Composio): list tickets, manage views, use canned responses, and configure custom fields. Always search tools first for current schemas.
244SKILL.mdUpdated Apr 10, 2026
aiskillstore/haskell-pro
testing
VerifiedTrustedCommunity
Expert Haskell engineer specializing in advanced type systems, pure functional design, and high-reliability software. Use PROACTIVELY for type-level programming, concurrency, and architecture guidance.
244SKILL.mdUpdated Apr 10, 2026
aiskillstore/graphql
tools
VerifiedTrustedCommunity
GraphQL gives clients exactly the data they need - no more, no less. One endpoint, typed schema, introspection. But the flexibility that makes it powerful also makes it dangerous. Without proper controls, clients can craft queries that bring down your server. This skill covers schema design, resolvers, DataLoader for N+1 prevention, federation for microservices, and client integration with Apollo/urql. Key insight: GraphQL is a contract. The schema is the API documentation. Design it carefully.
244SKILL.mdUpdated Apr 10, 2026