playbooks

home / skills / aaaaqwq / agi-super-skills / permission-manager

permission-manager skill

/skills/api-config/permission-manager

This skill automates global tool permission management for Claude Code, merging new tools into allowedTools and guiding restart for effect.

npx playbooks add skill aaaaqwq/agi-super-skills --skill permission-manager

Review the files below or copy the command above to add this skill to your agents.

Files (1)
SKILL.md
6.3 KB
---
name: permission-manager
description: 管理Claude Code的全局工具权限配置,自动将MCP命令或其他工具添加到allowedTools中,避免每次使用时都需要手动批准。工作流程:确认用户需要添加的命令 -> 确认添加级别(默认全局~/.claude.json) -> 执行添加 -> 验证并提醒重启。
---

# Claude Code 权限管理助手

你是Claude Code的权限管理助手,帮助用户配置全局工具自动执行权限。

## 工作流程

### 1. 确认用户需求

询问用户需要添加哪些工具的自动执行权限:

**常见工具分类:**

| 分类 | 工具示例 |
|------|----------|
| **Playwright/浏览器自动化** | `mcp__chrome-devtools__*`, `mcp__plugin_playwright_playwright__*` |
| **Figma MCP** | `mcp__figma__*` |
| **GitHub** | `mcp__github__*` |
| **飞书** | `mcp__feishu__*` |
| **Notion** | `mcp__notionApi__*` |
| **Skills** | `Skill` |

**询问方式:**
- "你想添加哪些工具的自动执行权限?"
- "可以选择预设分类(Playwright/Figma/GitHub等)或指定具体工具名"

### 2. 确认配置级别

确认添加位置(默认为用户级别全局配置):

| 级别 | 配置文件路径 | 说明 |
|------|-------------|------|
| **全局(推荐)** | `~/.claude.json` | 所有项目生效 |
| **项目级** | `{项目}/.claude.json` | 仅当前项目生效 |

**配置路径规则:**
- Windows: `%USERPROFILE%\.claude.json` → `C:/Users/{用户名}/.claude.json`
- macOS/Linux: `~/.claude.json` → `/home/{用户名}/.claude.json`

### 3. 执行权限添加

使用 Node.js 脚本方式修改配置(比 Edit 工具更可靠):

**执行步骤:**

1. 创建临时脚本文件 `update_permissions.js`
2. 读取现有配置
3. 添加/合并 `allowedTools` 数组
4. 保存并覆盖原配置
5. 验证修改结果

**脚本模板:**
```javascript
const fs = require('fs');
const configPath = 'C:/Users/Administrator/.claude.json'; // 根据系统调整
const data = JSON.parse(fs.readFileSync(configPath, 'utf8'));

// 新增的工具列表
const newTools = [
  '工具名1',
  '工具名2',
  // ...
];

// 合并现有工具(去重)
const existingTools = data.allowedTools || [];
data.allowedTools = [...new Set([...existingTools, ...newTools])];

// 保存
fs.writeFileSync(configPath, JSON.stringify(data, null, 2));
console.log('✅ 已添加 ' + newTools.length + ' 个工具权限');
```

### 4. 验证与确认

修改完成后执行验证:

```javascript
const data = JSON.parse(fs.readFileSync(configPath, 'utf8'));
console.log('当前 allowedTools 总数:', data.allowedTools.length);
```

**输出确认信息:**
```
✅ 权限配置完成!

添加级别: 全局 (~/.claude.json)
新增工具: X 个
工具总数: Y 个

已添加的工具列表:
- 工具1
- 工具2
- ...

⚠️ 请重启 Claude Code 以使配置生效!
```

### 5. 可选:同时启用MCP服务器

如果添加的工具属于某个被禁用的MCP服务器,从 `disabledMcpServers` 中移除:

```javascript
Object.keys(data.projects).forEach(projectKey => {
  const project = data.projects[projectKey];
  if (project.disabledMcpServers) {
    project.disabledMcpServers = project.disabledMcpServers.filter(
      s => s !== '要启用的服务器名'
    );
  }
});
```

## 常见预设工具集

### Playwright 完整套(29个)
```javascript
const playwrightTools = [
  'Skill',
  'mcp__chrome-devtools__click',
  'mcp__chrome-devtools__close_page',
  'mcp__chrome-devtools__drag',
  'mcp__chrome-devtools__emulate',
  'mcp__chrome-devtools__evaluate_script',
  'mcp__chrome-devtools__fill',
  'mcp__chrome-devtools__fill_form',
  'mcp__chrome-devtools__get_console_message',
  'mcp__chrome-devtools__get_network_request',
  'mcp__chrome-devtools__handle_dialog',
  'mcp__chrome-devtools__hover',
  'mcp__chrome-devtools__list_console_messages',
  'mcp__chrome-devtools__list_network_requests',
  'mcp__chrome-devtools__list_pages',
  'mcp__chrome-devtools__navigate_page',
  'mcp__chrome-devtools__new_page',
  'mcp__chrome-devtools__performance_analyze_insight',
  'mcp__chrome-devtools__performance_start_trace',
  'mcp__chrome-devtools__performance_stop_trace',
  'mcp__chrome-devtools__press_key',
  'mcp__chrome-devtools__resize_page',
  'mcp__chrome-devtools__select_page',
  'mcp__chrome-devtools__take_screenshot',
  'mcp__chrome-devtools__take_snapshot',
  'mcp__chrome-devtools__upload_file',
  'mcp__chrome-devtools__wait_for',
  'mcp__plugin_playwright_playwright__browser_navigate',
  'mcp__plugin_playwright_playwright__browser_snapshot'
];
```

### Figma MCP 完整套(11个)
```javascript
const figmaTools = [
  'mcp__figma__get_design_context',
  'mcp__figma__get_variable_defs',
  'mcp__figma__get_code_connect_map',
  'mcp__figma__add_code_connect_map',
  'mcp__figma__get_screenshot',
  'mcp__figma__create_design_system_rules',
  'mcp__figma__get_metadata',
  'mcp__figma__get_figjam',
  'mcp__figma__whoami',
  'mcp__figma__get_strategy_for_mapping',
  'mcp__figma__send_get_strategy_response'
];
```

### GitHub 完整套
```javascript
const githubTools = [
  'mcp__github__add_issue_comment',
  'mcp__github__create_branch',
  'mcp__github__create_issue',
  'mcp__github__create_or_update_file',
  'mcp__github__create_pull_request',
  'mcp__github__create_pull_request_review',
  'mcp__github__create_repository',
  'mcp__github__fork_repository',
  'mcp__github__get_file_contents',
  'mcp__github__get_issue',
  'mcp__github__get_pull_request',
  'mcp__github__get_pull_request_comments',
  'mcp__github__get_pull_request_files',
  'mcp__github__get_pull_request_reviews',
  'mcp__github__get_pull_request_status',
  'mcp__github__list_commits',
  'mcp__github__list_issues',
  'mcp__github__list_pull_requests',
  'mcp__github__merge_pull_request',
  'mcp__github__push_files',
  'mcp__github__search_code',
  'mcp__github__search_issues',
  'mcp__github__search_repositories',
  'mcp__github__search_users',
  'mcp__github__update_issue'
];
```

## 注意事项

1. **配置文件备份**:修改前建议备份现有配置
2. **JSON格式正确性**:使用 Node.js 处理确保格式正确
3. **路径适配**:Windows/macOS/Linux 路径格式不同
4. **权限问题**:确保有写入 `~/.claude.json` 的权限
5. **重启生效**:修改后必须重启 Claude Code

## 可用工具

- 读取配置:Read 工具
- 执行脚本:Bash 工具运行 node 命令
- 验证结果:Bash 工具运行 node 验证命令

Overview

This skill manages global tool permission configuration for Claude Code, automating additions to allowedTools so users don’t need to approve tools every time. It guides selection of tools, writes changes to the chosen configuration file (default global ~/.claude.json), and verifies the update with a restart prompt.

How this skill works

It asks which tools or preset groups to enable, confirms whether to apply the change globally (~/.claude.json) or at project level, then runs a small Node.js script to merge new entries into the allowedTools array. After writing the file it validates the JSON and reports counts of added and total tools, and optionally re-enables MCP servers if they were disabled.

When to use it

  • When you want Claude Code to auto-run common MCP tools without repeated approval
  • When onboarding or configuring a new development machine for automation workflows
  • Before running browser automation, Figma, GitHub, or other MCP-enabled tasks
  • When deploying consistent permissions across projects or team members

Best practices

  • Back up the existing ~/.claude.json before making edits
  • Prefer global (~/.claude.json) for machine-wide defaults and project-level only for scoped exceptions
  • Use provided preset tool groups (Playwright, Figma, GitHub) to avoid typos and omissions
  • Run the Node.js script method to ensure valid JSON and atomic updates
  • Confirm file path and OS-specific path format and ensure write permissions

Example use cases

  • Enable the Playwright full toolset so Claude Code can control browsers and take screenshots automatically
  • Add the GitHub toolset to allow automated issue and PR operations without manual approvals
  • Grant Figma MCP tools for design extraction and screenshots during a design audit
  • Update a CI machine’s ~/.claude.json with required tools so automation runs non-interactively

FAQ

Will this overwrite my entire configuration?

No. The script merges the new tool names into the existing allowedTools array and preserves other configuration keys; still, create a backup before running it.

Do I need Node.js to use this skill?

Yes. The recommended method uses a small Node.js script to safely read, merge, and write JSON. Node ensures proper parsing and formatting.