Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

melodic-software/permission-management

Name: permission-management
Author: melodic-software

plugins/claude-ecosystem/skills/permission-management/SKILL.md

npx skillsauth add melodic-software/claude-code-plugins permission-management

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Permission Management Skill

MANDATORY: Invoke docs-management First

STOP - Before providing ANY response about Claude Code permissions:

INVOKE docs-management skill

QUERY for the user's specific topic

BASE all responses EXCLUSIVELY on official documentation loaded

Skipping this step results in outdated or incorrect information.

Verification Checkpoint

Before responding, verify:

[ ] Did I invoke docs-management skill?
[ ] Did official documentation load?
[ ] Is my response based EXCLUSIVELY on official docs?

If ANY checkbox is unchecked, STOP and invoke docs-management first.

Overview

Central authority for Claude Code permissions. This skill uses 100% delegation to docs-management - it contains NO duplicated official documentation.

Architecture: Pure delegation with keyword registry. All official documentation is accessed via docs-management skill queries.

When to Use This Skill

Keywords: permissions, allow rules, deny rules, ask rules, permission modes, defaultMode, acceptEdits, bypassPermissions, plan mode, tool permissions, Bash permissions, Read permissions, Edit permissions, WebFetch permissions, MCP permissions, additionalDirectories, /permissions

Use this skill when:

Configuring permission rules
Understanding permission modes
Setting up tool-specific permissions
Troubleshooting permission issues
Adding additional working directories
Understanding rule precedence

Keyword Registry for docs-management Queries

Use these keywords when querying docs-management skill for official documentation:

Permission System

| Topic | Keywords | | --- | --- | | Overview | "permission system", "tiered permissions", "approval required" | | Configuration | "configuring permissions", "/permissions command" | | Rule Types | "allow rules", "ask rules", "deny rules" | | Precedence | "rule precedence", "deny > ask > allow" |

Permission Modes

⚠️ STALENESS WARNING: Do NOT hardcode permission mode names or values. Query docs-management for the authoritative list of permission modes.

| Topic | Query Pattern | What You'll Find | | --- | --- | --- | | All Modes | "iam.md permission modes" | Complete list of available modes | | Mode Behavior | "iam.md defaultMode acceptEdits" | Mode descriptions and effects | | Mode Configuration | "iam.md configuring permission mode" | How to set modes |

Tool-Specific Rules

⚠️ STALENESS WARNING: Do NOT hardcode tool names or pattern syntax. Query docs-management for the authoritative list of tools and permission patterns.

| Topic | Query Pattern | What You'll Find | | --- | --- | --- | | Bash Rules | "iam.md Bash permissions pattern matching" | Bash permission syntax | | File Rules | "iam.md Read Edit permissions gitignore" | File permission patterns | | Path Patterns | "iam.md path pattern types" | Absolute, home, relative patterns | | WebFetch Rules | "iam.md WebFetch domain permissions" | Domain pattern syntax | | MCP Rules | "iam.md MCP permissions mcp__server" | MCP tool permission syntax |

Security Considerations (v2.1.6+)

⚠️ SECURITY: These topics cover security-sensitive permission behaviors. Query docs-management for the authoritative guidance.

| Topic | Query Pattern | What You'll Find | | --- | --- | --- | | Wildcard + Shell Operators | "iam.md wildcard rules shell operators compound commands" | SECURITY FIX (v2.1.7): Wildcard rules matching compound commands | | Line Continuation Bypass | "iam.md permission bypass line continuation" | SECURITY FIX (v2.1.6): Shell line continuation escape prevention |

Working Directories

| Topic | Keywords | | --- | --- | | Additional Dirs | "additionalDirectories", "--add-dir" | | Working Directory | "working directories", "file access scope" |

Quick Decision Tree

What do you want to do?

Set up allow rules -> Query docs-management: "allow rules", "auto-approve"
Set up deny rules -> Query docs-management: "deny rules", "prevent usage"
Set up ask rules -> Query docs-management: "ask rules", "confirmation required"
Change permission mode -> Query docs-management: "permission modes", "defaultMode"
Configure Bash permissions -> Query docs-management: "Bash permissions", "Bash pattern matching"
Configure file permissions -> Query docs-management: "Read Edit permissions", "gitignore-style"
Add working directories -> Query docs-management: "additionalDirectories", "--add-dir"
Configure MCP permissions -> Query docs-management: "MCP permissions", "mcp__server"

Topic Coverage

Permission System Topics

Tiered permission model (read-only, bash, file modification)
Allow rules (auto-approve)
Ask rules (confirmation required)
Deny rules (prevent usage)
Rule precedence (deny > ask > allow)
Permission rule format

Permission Modes Topics

default mode (standard prompting)
acceptEdits mode (auto-accept file edits)
plan mode (analyze only, no modifications)
bypassPermissions mode (skip all prompts)

Tool Permission Rules

Bash permission patterns (exact match, prefix match)
Bash pattern limitations
Read and Edit gitignore-style patterns
Path pattern types (absolute, home, relative)
WebFetch domain permissions
MCP tool permissions (no wildcards)
Hooks for custom permission evaluation

Working Directories Topics

additionalDirectories configuration
--add-dir CLI flag
Scope of file access

Troubleshooting Quick Reference

| Issue | Keywords for docs-management | | --- | --- | | Permission too restrictive | "allow rules", "auto-approve" | | Permission too permissive | "deny rules", "prevent usage" | | Wrong mode active | "permission modes", "defaultMode" | | MCP tools blocked | "MCP permissions", "mcp__server" | | Can't access files | "additionalDirectories", "--add-dir" |

Related Skills

sandbox-configuration - For sandboxing and isolation
enterprise-security - For managed policies
settings-management - For general configuration

Version History

v1.1.0 (2026-01-16): Security fixes keyword registry
- Added Security Considerations section (v2.1.6+)
- Added wildcard + shell operators security fix keywords (v2.1.7)
- Added line continuation bypass security fix keywords (v2.1.6)
v1.0.0 (2025-11-30): Initial release (split from security-meta)
- Focused on permissions only
- Pure delegation architecture
- Comprehensive keyword registry

Last Updated

Date: 2026-01-16 Model: claude-opus-4-5-20251101

melodic-software/permission-management

plugins/claude-ecosystem/skills/permission-management/SKILL.md

Central authority for Claude Code permissions. Covers permission system (tiered model, read-only, bash, file modification), permission rules (allow, ask, deny), rule precedence, permission modes (default, acceptEdits, plan, bypassPermissions), tool-specific permission rules (Bash patterns, Read/Edit patterns, WebFetch domains, MCP tools), /permissions command, and additionalDirectories. Assists with configuring permission rules, understanding permission modes, and troubleshooting permission issues. Delegates 100% to docs-management skill for official documentation.

47 stars

tools

Updated Apr 7, 2026

$ install --global

skillsauth

npx skillsauth add melodic-software/claude-code-plugins permission-management

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 7, 2026, 8:35 AM13.8s1 file scanned

SKILL.md

name:: permission-management
description:: Central authority for Claude Code permissions. Covers permission system (tiered model, read-only, bash, file modification), permission rules (allow, ask, deny), rule precedence, permission modes (default, acceptEdits, plan, bypassPermissions), tool-specific permission rules (Bash patterns, Read/Edit patterns, WebFetch domains, MCP tools), /permissions command, and additionalDirectories. Assists with configuring permission rules, understanding permission modes, and troubleshooting permission issues. Delegates 100% to docs-management skill for official documentation.
user-invocable:: false
allowed-tools:: Read, Glob, Grep, Skill

Permission Management Skill

MANDATORY: Invoke docs-management First

STOP - Before providing ANY response about Claude Code permissions:

INVOKE docs-management skill

QUERY for the user's specific topic

BASE all responses EXCLUSIVELY on official documentation loaded

Skipping this step results in outdated or incorrect information.

Verification Checkpoint

Before responding, verify:

[ ] Did I invoke docs-management skill?
[ ] Did official documentation load?
[ ] Is my response based EXCLUSIVELY on official docs?

If ANY checkbox is unchecked, STOP and invoke docs-management first.

Overview

Central authority for Claude Code permissions. This skill uses 100% delegation to docs-management - it contains NO duplicated official documentation.

Architecture: Pure delegation with keyword registry. All official documentation is accessed via docs-management skill queries.

When to Use This Skill

Use this skill when:

Configuring permission rules
Understanding permission modes
Setting up tool-specific permissions
Troubleshooting permission issues
Adding additional working directories
Understanding rule precedence

Keyword Registry for docs-management Queries

Use these keywords when querying docs-management skill for official documentation:

Permission System

Permission Modes

⚠️ STALENESS WARNING: Do NOT hardcode permission mode names or values. Query docs-management for the authoritative list of permission modes.

Tool-Specific Rules

⚠️ STALENESS WARNING: Do NOT hardcode tool names or pattern syntax. Query docs-management for the authoritative list of tools and permission patterns.

Security Considerations (v2.1.6+)

⚠️ SECURITY: These topics cover security-sensitive permission behaviors. Query docs-management for the authoritative guidance.

Working Directories

| Topic | Keywords | | --- | --- | | Additional Dirs | "additionalDirectories", "--add-dir" | | Working Directory | "working directories", "file access scope" |

Quick Decision Tree

What do you want to do?

Set up allow rules -> Query docs-management: "allow rules", "auto-approve"
Set up deny rules -> Query docs-management: "deny rules", "prevent usage"
Set up ask rules -> Query docs-management: "ask rules", "confirmation required"
Change permission mode -> Query docs-management: "permission modes", "defaultMode"
Configure Bash permissions -> Query docs-management: "Bash permissions", "Bash pattern matching"
Configure file permissions -> Query docs-management: "Read Edit permissions", "gitignore-style"
Add working directories -> Query docs-management: "additionalDirectories", "--add-dir"
Configure MCP permissions -> Query docs-management: "MCP permissions", "mcp__server"

Topic Coverage

Permission System Topics

Tiered permission model (read-only, bash, file modification)
Allow rules (auto-approve)
Ask rules (confirmation required)
Deny rules (prevent usage)
Rule precedence (deny > ask > allow)
Permission rule format

Permission Modes Topics

default mode (standard prompting)
acceptEdits mode (auto-accept file edits)
plan mode (analyze only, no modifications)
bypassPermissions mode (skip all prompts)

Tool Permission Rules

Bash permission patterns (exact match, prefix match)
Bash pattern limitations
Read and Edit gitignore-style patterns
Path pattern types (absolute, home, relative)
WebFetch domain permissions
MCP tool permissions (no wildcards)
Hooks for custom permission evaluation

Working Directories Topics

additionalDirectories configuration
--add-dir CLI flag
Scope of file access

Troubleshooting Quick Reference

Related Skills

sandbox-configuration - For sandboxing and isolation
enterprise-security - For managed policies
settings-management - For general configuration

Version History

v1.1.0 (2026-01-16): Security fixes keyword registry
- Added Security Considerations section (v2.1.6+)
- Added wildcard + shell operators security fix keywords (v2.1.7)
- Added line continuation bypass security fix keywords (v2.1.6)
v1.0.0 (2025-11-30): Initial release (split from security-meta)
- Focused on permissions only
- Pure delegation architecture
- Comprehensive keyword registry

Last Updated

Date: 2026-01-16 Model: claude-opus-4-5-20251101

Related Skills

melodic-software/milan-jovanovic-blog

development

VerifiedTrustedCommunity

Search Milan Jovanovic's .NET blog for Clean Architecture, DDD, CQRS, EF Core, and ASP.NET Core patterns. Use for finding applicable patterns, code examples, and architecture guidance. Invoke when working with .NET projects that could benefit from proven architectural patterns.

47SKILL.mdUpdated Apr 7, 2026

melodic-software/milan-jovanovic-blog

melodic-software/setup-dab

tools

VerifiedTrustedCommunity

Install and configure Data API Builder (DAB) for production SQL Server MCP access with RBAC

47SKILL.mdUpdated Apr 7, 2026

melodic-software/setup-dab

melodic-software/mssql

tools

VerifiedTrustedCommunity

Manage MssqlMcp servers - status, rebuild, and upstream updates

47SKILL.mdUpdated Apr 7, 2026

melodic-software/mssql

melodic-software/onboarding

tools

VerifiedTrustedCommunity

Developer environment setup guides for Windows, macOS, Linux, and WSL. Use when setting up development machines, installing tools, configuring environments, or following platform-specific setup guides. Covers package management, shell/terminal, code editors, AI tooling, containerization, databases, and more.

47SKILL.mdUpdated Apr 7, 2026

melodic-software/onboarding

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/melodic-software/claude-code-plugins.git

# Copy into Claude Code skills folder (global)
cp -r claude-code-plugins/plugins/claude-ecosystem/skills/permission-management ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

melodic-software/claude-code-plugins

47 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT