oliver-kriska/phx:permissions

Permission Analyzer

Scan recent session transcripts to find Bash commands you keep approving, cross-reference with current settings.json, and recommend adding the missing ones.

Primary goal: Discover MISSING permissions from actual usage. Secondary goal: Clean up redundant/garbage entries.

Usage

/phx:permissions [--days=14] [--dry-run] — Scans session JSONL files, finds uncovered Bash commands, classifies risk, and recommends settings.json changes. Use --dry-run to preview without writing.

Arguments

$ARGUMENTS — --days=N (default: 14), --dry-run (preview only).

Iron Laws

1. NEVER auto-allow RED — rm, sudo, kill, curl|sh, mix ecto.reset, git push --force, chmod 777
2. Evidence-based only — Only recommend commands actually approved in sessions
3. Show before writing — Present full diff, get explicit confirmation
4. Preserve existing — Merge, never overwrite

Risk Classification

| Level | Examples | Action | |-------|----------|--------| | GREEN | ls, cat, grep, tail, which, mkdir, cd, mix test/compile/credo/format, git status/log/diff | Auto-recommend | | YELLOW | git add/commit/push, mix ecto.migrate, mix deps.get, npm install, docker build/run, source, mise exec | Recommend with note | | RED | rm -rf, sudo, kill, curl|sh,mix ecto.reset/drop,git push --force,git reset --hard | Never recommend |

Workflow

Step 1: Extract Bash Commands from Session JSONL Files

Run the extraction script from ${CLAUDE_SKILL_DIR}/references/extraction-script.md. This scans all project JSONL files from the last N days, checks each Bash command against current settings.json patterns, and reports uncovered commands with counts.

IMPORTANT: Run this FIRST. Do NOT skip to settings cleanup.

Step 2: Classify and Recommend

For each uncovered command from Step 1 output:

1. Classify as GREEN / YELLOW / RED per table above
2. Generate permission pattern: normalize to Bash(base_command *) format (use SPACE before *, NOT colon — :* is deprecated)
   • mkdir -p (94x) → Bash(mkdir *)
   • mise exec (39x) → Bash(mise *)
   • tail -5 (20x) → Bash(tail *)
3. Check for redundancy: skip if a broader existing pattern covers it
4. Also scan for garbage in current settings: Bash(done), Bash(fi), Bash(__NEW_LINE_*), partial heredocs, entries covered by broader patterns
5. Fix deprecated :* patterns — replace any Bash(name:*) with Bash(name *) (space before *). The :* suffix is deprecated and may not match reliably

Present a combined table:

## Permission Recommendations (last N days)

### ADD — Missing permissions (from session scan)
| Pattern to Add | Times Used | Risk | Example |
|...

### REMOVE — Redundant/garbage entries
| Entry | Reason |
|...

### RED — Require manual approval (not adding)
| Command | Count | Risk |
|...

Step 3: Interactive Triage (unless --dry-run)

Walk through findings interactively using AskUserQuestion. Present items in batches by risk level, starting with GREEN (safest):

Batch 1 — GREEN items (read-only, tests, safe tools): Use AskUserQuestion with options:

• "Add all GREEN" — approve entire batch
• "Pick individually" — show each one for yes/no
• "Skip GREEN" — move to YELLOW

Batch 2 — YELLOW items (write ops, need caution): Always show individually — one AskUserQuestion per item with options:

• "Add" — include in settings
• "Skip" — keep requiring manual approval
• "Customize" — let user edit the pattern before adding

Batch 3 — REMOVE candidates (garbage/redundant): Use AskUserQuestion with options:

• "Remove all" — clean up entire batch
• "Pick individually" — show each for yes/no
• "Keep all" — skip cleanup

Track approved items in a list. After triage, show final summary of what will be added/removed and ask for confirmation.

Step 4: Apply

Merge approved additions into ~/.claude/settings.json under permissions.allow. Remove approved garbage entries. Report final counts.

References

• ${CLAUDE_SKILL_DIR}/references/risk-classification.md — Full classification rules
• ${CLAUDE_SKILL_DIR}/references/settings-format.md — Permission pattern format

Related

Long mix output flooding context? /phx:mix-compression installs rtk filters that compress mix test/credo/dialyzer/compile output before it reaches the transcript (5-15% token savings on mix-heavy sessions).