home / skills / arjenschwarz / agentic-coding / permission-analyzer

permission-analyzer skill

safe

/claude/skills/permission-analyzer

This skill analyzes session history to generate precise Claude Code permissions and helps merge them into settings.

npx playbooks add skill arjenschwarz/agentic-coding --skill permission-analyzer

Review the files below or copy the command above to add this skill to your agents.

Files (2)

SKILL.md

1.9 KB

---
name: permission-analyzer
description: Generate Claude Code permissions config from session history. Use when setting up autonomous mode, configuring .claude/settings.json, avoiding --dangerously-skip-permissions, or analyzing what permissions a project needs. Reads session logs to extract Bash commands and MCP tools actually used, then generates appropriate allow/deny rules.
# model: inherit
# allowedTools: []
---

# Permission Analyzer

Generate permissions configuration based on actual tool usage from past sessions.

## Workflow

1. Run the analysis script for the current project:
   ```bash
   ~/.claude/skills/permission-analyzer/scripts/analyze_permissions.py
   ```

2. Review the generated permissions output

3. Offer to merge into existing settings:
   - If `.claude/settings.json` exists, merge the `permissions` section
   - If not, create new file with generated config
   - Preserve existing settings (model, env, etc.)

## Script Output

The script outputs to stderr (summary) and stdout (JSON):

```
Analyzing: /path/to/project
Sessions analyzed: 42

Bash commands found:
  git: 150
  make: 80
  go: 45

MCP tools found:
  mcp__devtools__think

{
  "permissions": {
    "allow": ["Bash(git:*)", "Bash(go:*)", ...],
    "deny": [...],
    "defaultMode": "acceptEdits"
  }
}
```

## Generated Rules

**Allow list** includes:
- Development commands used (git, make, go, npm, cargo, etc.)
- Filesystem commands used (ls, mkdir, find, etc.)
- MCP server wildcards for servers that were used

**Deny list** includes:
- Dangerous gh operations (merge, delete, secrets, auth)
- Sensitive file patterns (.env, secrets/, *.pem, *.key)
- Destructive commands (rm -rf, sudo, chmod 777)

## Merging Settings

When `.claude/settings.json` exists, merge only the `permissions` key while preserving other settings. If user has custom allow/deny rules, ask whether to merge or replace.

Overview

This skill generates a Claude Code permissions configuration by analyzing past session logs and extracting which Bash commands and MCP tools were actually used. It produces a JSON permissions block with allow/deny lists and a default mode, and can merge that block into an existing .claude/settings.json while preserving other settings. Use it to avoid broad permissive flags and to run autonomous agents with minimal required access.

How this skill works

The analyzer scans session history and looks for executed Bash commands and referenced MCP servers/tools. It summarizes counts of commands, identifies filesystem and development tooling usage, and emits a permissions JSON with allow wildcards and a conservative deny list for sensitive operations. When a settings file exists, the script offers to merge only the permissions key or replace user rules, keeping model, env, and other configuration intact.

When to use it

Setting up autonomous mode or configuring .claude/settings.json for a project
Before using --dangerously-skip-permissions to avoid granting excessive access
Auditing what real tools and commands a project actually needs
Preparing a least-privilege permissions policy for CI, bots, or local agents
After a period of interactive sessions to refresh permissions based on recent usage

Best practices

Run the analyzer in the project root so paths and commands are detected accurately
Review generated allow rules and remove broad wildcards you don’t trust
Keep deny list conservative: block destructive git, secret management, and sensitive file patterns by default
When merging, prefer manual review if you or teammates have custom security rules
Re-run after major tooling changes or new integrations to keep permissions up to date

Example use cases

Create a minimal permissions block that allows git and build tools used in recent sessions (git, make, go)
Detect and deny sensitive patterns like .env, secrets/, *.pem and remove risky commands such as rm -rf or sudo
Merge generated permissions into an existing .claude/settings.json while preserving model and env variables
Audit historical session activity to document which MCP servers or custom tools were actually exercised
Generate a permissions baseline before enabling an autonomous workflow for CI agents

FAQ

What does the script output and where?

The script prints a summary to stderr and the full JSON permissions block to stdout for easy redirection or review.

Will it overwrite my existing settings file?

It will not overwrite unrelated settings; you can choose to merge the permissions section or replace existing permission rules after review.