configure-plugin/skills/claude-security-settings/SKILL.md
Claude Code security settings: permission wildcards, shell operator protections, project-level allowlists. Use when auditing or hardening .claude/settings.json permissions.
| Use this skill when... | Use configure-claude-plugins instead when... |
|---|---|
| You need the permission-wildcard syntax, shell-operator protections, and project-level allowlist patterns | You want to wire a project's .claude/settings.json to the marketplace and enable plugins end-to-end |
| You are auditing or hardening an existing .claude/settings.json against the documented security conventions | You want runtime detection of marketplace enrollment and enabledPlugins before changing settings |
| Another skill needs to cite the canonical permission-wildcard reference | The user asked you to actually onboard a project to the laurigates/claude-plugins marketplace |
Expert knowledge for configuring Claude Code security and permissions.
Claude Code provides multiple layers of security:
| File | Scope | Priority |
|------|-------|----------|
| ~/.claude/settings.json | User-level (all projects) | Lowest |
| .claude/settings.json | Project-level (committed) | Medium |
| .claude/settings.local.json | Local project (gitignored) | Highest |
```json
{
  "permissions": {
    "allow": [
      "Bash(git status *)",
      "Bash(npm run *)"
    ],
    "deny": [
      "Bash(rm -rf *)",
      "Bash(sudo *)"
    ]
  }
}
```
Permission patterns use the form:

```
Bash(command *)
```

- Bash() - Tool identifier
- command - Command prefix to match
- * - Wildcard suffix matching any arguments
- :ask suffix - Always prompt for user confirmation (e.g., Bash(git push *):ask)

| Tier | Behavior | Example |
|------|----------|---------|
| allow | Auto-allowed, no prompt | "allow": ["Bash(git status *)"] |
| ask | Always prompts for confirmation | "allow": ["Bash(git push *):ask"] |
| deny | Auto-denied, blocked | "deny": ["Bash(rm -rf *)"] |
| Pattern | Matches | Does NOT Match |
|---------|---------|----------------|
| Bash(git *) | git status, git diff HEAD | git-lfs pull |
| Bash(npm run *) | npm run test, npm run build | npm install |
| Bash(gh pr *) | gh pr view 123, gh pr create | gh issue list |
| Bash(./scripts/ *) | ./scripts/test.sh, ./scripts/build.sh | /scripts/other.sh |
Granular permissions:
```json
{
  "permissions": {
    "allow": [
      "Bash(git status *)",
      "Bash(git diff *)",
      "Bash(git log *)",
      "Bash(git add *)",
      "Bash(git commit *)"
    ]
  }
}
```
Tool-specific patterns:
```json
{
  "permissions": {
    "allow": [
      "Bash(bun test *)",
      "Bash(bun run *)",
      "Bash(biome check *)",
      "Bash(prettier *)"
    ]
  }
}
```
Claude Code 2.1.7+ includes built-in protections against dangerous shell operators.
| Operator | Risk | Blocked Example |
|----------|------|-----------------|
| && | Command chaining | ls && rm -rf / |
| \|\| | Conditional execution | false \|\| malicious |
| ; | Command separation | safe; dangerous |
| \| | Piping | cat /etc/passwd \| curl |
| > / >> | Redirection | echo x > /etc/passwd |
| $() | Command substitution | $(curl evil) |
| \` | Backtick substitution | \`rm -rf /\` |
When a command contains shell operators:
For legitimate compound commands, use scripts:
```bash
#!/bin/bash
# scripts/deploy.sh
npm test && npm run build && npm run deploy
```
Then allow the script:
```json
{
  "permissions": {
    "allow": ["Bash(./scripts/deploy.sh *)"]
  }
}
```
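As an added example (not code from this skill or from Claude Code itself), the following Python models the prefix matching from the pattern table above and the shell-operator protections from the table in this section, so an allowlist can be dry-run against candidate commands before it is committed. The sample permissions, the deny-before-allow ordering, and the trailing-slash path rule are assumptions chosen to reproduce the page's tables; Claude Code's own matcher is separate and may differ.

```python
"""Audit helper for Claude Code permission patterns (constructed example).
Models the rules as the page's tables describe them, not Claude Code's matcher."""
import re

# Operators the page's table lists as protected.
SHELL_OPERATORS = ["&&", "||", ">>", ";", "|", ">", "$(", "`"]

# Constructed sample allowlist/denylist built from the page's own patterns.
SAMPLE_PERMISSIONS = {
    "allow": ["Bash(git status *)", "Bash(npm run *)",
              "Bash(git push *):ask", "Bash(./scripts/ *)"],
    "deny": ["Bash(rm -rf *)", "Bash(sudo *)"],
}

def parse_pattern(pattern):
    """'Bash(git push *):ask' -> ('Bash', 'git push', True)."""
    m = re.fullmatch(r"(\w+)\((.*)\)(:ask)?", pattern)
    if not m:
        raise ValueError(f"unsupported pattern: {pattern}")
    tool, body, ask = m.groups()
    prefix = body[:-2] if body.endswith(" *") else body
    return tool, prefix, ask is not None

def prefix_matches(prefix, command):
    """Assumption modelled on the page's table: 'git *' matches 'git status'
    but not 'git-lfs pull'; a prefix ending in '/' matches any path under it."""
    if prefix.endswith("/"):
        return command.startswith(prefix)
    return command == prefix or command.startswith(prefix + " ")

def shell_operators_in(command):
    return [op for op in SHELL_OPERATORS if op in command]

def decide(command, permissions=SAMPLE_PERMISSIONS):
    """Return the tier that applies: 'deny', 'shell-operator', 'ask', 'allow'
    or 'no-rule'. Assumption: deny is checked first, and a command containing
    a protected operator is never auto-allowed, matching the script-wrapper advice."""
    for pat in permissions.get("deny", []):
        tool, prefix, _ = parse_pattern(pat)
        if tool == "Bash" and prefix_matches(prefix, command):
            return "deny"
    if shell_operators_in(command):
        return "shell-operator"
    for pat in permissions.get("allow", []):
        tool, prefix, ask = parse_pattern(pat)
        if tool == "Bash" and prefix_matches(prefix, command):
            return "ask" if ask else "allow"
    return "no-rule"
```

Load a real .claude/settings.json with json.load and pass its "permissions" object as the second argument to decide to audit your own allowlist.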
Read-only preset (inspection commands only):
```json
{
  "permissions": {
    "allow": [
      "Bash(git status *)",
      "Bash(git diff *)",
      "Bash(git log *)",
      "Bash(git branch *)",
      "Bash(npm list *)",
      "Bash(bun pm ls *)"
    ]
  }
}
```
Git workflow preset:
```json
{
  "permissions": {
    "allow": [
      "Bash(git status *)",
      "Bash(git diff *)",
      "Bash(git log *)",
      "Bash(git branch *)",
      "Bash(git add *)",
      "Bash(git commit *)",
      "Bash(git push *)",
      "Bash(git pull *)",
      "Bash(git fetch *)",
      "Bash(git checkout *)",
      "Bash(git merge *)",
      "Bash(git rebase *)"
    ]
  }
}
```
GitHub CLI preset:
```json
{
  "permissions": {
    "allow": [
      "Bash(gh pr *)",
      "Bash(gh run *)",
      "Bash(gh issue *)",
      "Bash(gh workflow *)"
    ]
  }
}
```
Testing and linting preset:
```json
{
  "permissions": {
    "allow": [
      "Bash(bun test *)",
      "Bash(npm test *)",
      "Bash(vitest *)",
      "Bash(jest *)",
      "Bash(biome *)",
      "Bash(eslint *)",
      "Bash(prettier *)"
    ]
  }
}
```
Security tooling preset:
```json
{
  "permissions": {
    "allow": [
      "Bash(pre-commit *)",
      "Bash(gitleaks *)",
      "Bash(trivy *)"
    ]
  }
}
```
```bash
mkdir -p .claude
cat > .claude/settings.json << 'EOF'
{
  "permissions": {
    "allow": [
      "Bash(git status *)",
      "Bash(git diff *)",
      "Bash(npm run *)"
    ]
  }
}
EOF

echo ".claude/settings.local.json" >> .gitignore
cat > .claude/settings.local.json << 'EOF'
{
  "permissions": {
    "allow": [
      "Bash(docker *)"
    ]
  }
}
EOF
```
| Context | Command |
|---------|---------|
| View project settings | cat .claude/settings.json \| jq '.permissions' |
| View user settings | cat ~/.claude/settings.json \| jq '.permissions' |
| Check merged permissions | Review effective settings in Claude Code |
| Validate JSON | cat .claude/settings.json \| jq . |
Settings merge with this priority (highest wins):
1. .claude/settings.local.json (local)
2. .claude/settings.json (project)
3. ~/.claude/settings.json (user)

| Syntax | Meaning |
|--------|---------|
| Bash(cmd *) | Match cmd with any arguments |
| Bash(cmd arg *) | Match cmd arg with any following |
| Bash(./script.sh *) | Match specific script |
Block specific commands:
```json
{
  "permissions": {
    "deny": [
      "Bash(rm -rf *)",
      "Bash(sudo *)",
      "Bash(chmod 777 *)"
    ]
  }
}
```
| Error | Cause | Fix |
|-------|-------|-----|
| Permission denied | Pattern doesn't match | Add more specific pattern |
| Shell operator blocked | Contains &&, \|, etc. | Use script wrapper |
| Settings not applied | Wrong file location | Check path and syntax |
| JSON parse error | Invalid JSON | Validate with jq . |
Prefer specific patterns such as Bash(git status *) over broad prefixes, and move && and \| workflows into allowlisted scripts.