permissions-from-transcripts
Use when seeding the project's `permissions.allow` list from observed YOLO sessions. Triggers: 'find safe commands to allow', 'review past transcripts for permissions', 'seed the allow list from YOLO sessions', 'propose permissions allow list', 'reduce permission prompts from transcripts'. NOT for: live permission grants during a session (use `/permissions`) or settings.json edits (use update-config).
Best use case
permissions-from-transcripts is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Use when seeding the project's `permissions.allow` list from observed YOLO sessions. Triggers: 'find safe commands to allow', 'review past transcripts for permissions', 'seed the allow list from YOLO sessions', 'propose permissions allow list', 'reduce permission prompts from transcripts'. NOT for: live permission grants during a session (use `/permissions`) or settings.json edits (use update-config).
Teams using permissions-from-transcripts should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/permissions-from-transcripts/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How permissions-from-transcripts Compares
| Feature / Agent | permissions-from-transcripts | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Use when seeding the project's `permissions.allow` list from observed YOLO sessions. Triggers: 'find safe commands to allow', 'review past transcripts for permissions', 'seed the allow list from YOLO sessions', 'propose permissions allow list', 'reduce permission prompts from transcripts'. NOT for: live permission grants during a session (use `/permissions`) or settings.json edits (use update-config).
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
<analysis>
Re-runnable workflow that reads Claude Code JSONL transcripts, classifies recorded Bash commands by safety category, and emits a reviewable proposal for the project's `permissions.allow`. Backed by `spellbook.gates.transcript_analyzer` so the same classification powers this skill and the underlying script.
</analysis>
<reflection>
Did I run with `--dry-run` first, review the rejected/unclassified buckets before writing, and confirm no mutating commands leaked into the proposed allow categories?
</reflection>
# Permissions From Transcripts
**Type:** Workflow + CLI wrapper
Propose a `permissions.allow` array by analyzing successful Bash invocations
recorded in past Claude Code sessions. The skill NEVER writes
`settings.json`. It produces a JSON proposal under
`~/.local/spellbook/state/proposed_allow_list.json` (unless `--dry-run`)
plus a human-readable summary on stdout. The operator reviews the proposal
and decides what to merge into the project's settings.
## Invariant Principles
1. **Never write settings.json** - The skill writes only to the proposal
path. Promotion into the project's `permissions.allow` is a separate,
manually approved step. Mutating commands MUST stay in the
`rejected_mutating` bucket.
2. **Successful invocations only** - A Bash tool_use is considered only
when paired with a non-error tool_result. Interrupted/unpaired
invocations are dropped so untested commands cannot seed the allow
list.
3. **Classification lives in one place** - All classification + bucketing
logic is in `spellbook.gates.transcript_analyzer`. Do not copy or
redefine `MUTATING`, `READ_ONLY_SAFE`, etc. inside the skill or the
script.
## Args
| Arg | Default | Effect |
|-----|---------|--------|
| `--days N` | `30` | Only consider records timestamped within the last N days. |
| `--include-mutating` | `false` | Surface mutating commands in stdout/JSON for visibility. They stay in `rejected_mutating` and are never promoted. |
| `--dry-run` | `true` | Print the summary, skip writing the proposal JSON. Pass `--no-dry-run` (i.e. omit `--dry-run` in the CLI; the script defaults to writing) when you want the proposal persisted. |
| `--config-dir PATH` | `~/.claude-work/projects` and `~/.claude/projects` | Repeatable. Root directory to scan. |
| `--output PATH` | `~/.local/spellbook/state/proposed_allow_list.json` | Where the proposal is written when not dry-running. |
The skill's `--dry-run` default is `true` to match the safe-by-default
posture: callers must opt in to writing the proposal file. The underlying
script defaults to writing because that is the canonical operator flow;
when invoked through the skill, always pass `--dry-run` first and only
re-run without it after reviewing the output.
## Workflow
1. **Dry-run first.** Invoke the analyzer with `--dry-run` and review the
stdout summary. Pay attention to:
- The `rejected_mutating` block - confirm every entry is truly
mutating. If a read-only command is being rejected, that is a
classification bug in `transcript_analyzer.py`, not a skill issue.
- The `unclassified` block - manually decide whether each entry
belongs in an allow category, the reject list, or stays
unclassified.
2. **Review and approve.** Compare the proposal against the project's
current `.claude/settings.json` `permissions.allow`. Decide which
patterns to add. Mutating entries are NEVER promoted.
3. **Persist (optional).** Re-run without `--dry-run` to write the
proposal JSON. Use the result as a checklist when editing
`permissions.allow` manually or via the `update-config` skill.
## Invocation
```bash
# Dry-run preview (default for the skill)
uv run python scripts/analyze_yolo_transcripts.py --days 30 --dry-run
# Persist the proposal for offline review
uv run python scripts/analyze_yolo_transcripts.py --days 30
# Custom transcript root + verbose mutating audit
uv run python scripts/analyze_yolo_transcripts.py \
--config-dir ~/.claude/projects \
--include-mutating
```
## Library Reuse
When you need the classifier from inside Python (e.g. a custom report or
test):
```python
from spellbook.gates.transcript_analyzer import (
bucket_and_classify,
classify,
extract_bash_commands,
render_proposed_list,
)
```
The script in `scripts/analyze_yolo_transcripts.py` is a thin CLI wrapper
over these functions; the skill does not maintain its own copy of the
category tables.
## When NOT to Use
- **Editing `permissions.allow` directly** - use the `update-config`
skill.
- **Live permission grants during a session** - use the platform's
`/permissions` command.
- **Auditing skills/commands for security issues** - use
`security-auditing`.Related Skills
writing-skills
Use when creating new skills, editing existing skills, or verifying skills work before deployment. Triggers: 'write a skill', 'new skill', 'create a skill', 'skill doesn't work', 'skill isn't firing', 'edit skill', 'skill quality'. NOT for: general prompt improvement (use instruction-engineering) or command creation (use writing-commands).
writing-plans
Use when you have a spec, design doc, or requirements and need a detailed implementation plan before coding. Triggers: 'write a plan', 'create implementation plan', 'plan this out', 'break this down into steps', 'convert design to tasks', 'implementation order'. Also invoked by develop during planning. NOT for: reviewing existing plans (use reviewing-impl-plans).
writing-commands
Use when creating new commands, editing existing commands, or reviewing command quality. Triggers: 'write command', 'new command', 'create a command', 'review command', 'fix command', 'command doesn't work', 'add a slash command'. NOT for: skill creation (use writing-skills).
verifying-hunches
Use when about to claim discovery during debugging. Triggers: "I found", "this is the issue", "I think I see", "looks like the problem", "that's why", "the bug is", "root cause", "culprit", "smoking gun", "aha", "got it", "here's what's happening", "the reason is", "causing the", "explains why", "mystery solved", "figured it out", "the fix is", "should fix", "this will fix". Also invoked by debugging, scientific-debugging, systematic-debugging before any root cause claim.
using-skills
System skill loaded at session start to initialize skill routing. Not invoked directly by users. Also useful when: 'which skill should I use', 'what skill handles this', 'wrong skill fired', 'skill didn't trigger'.
using-lsp-tools
Use when mcp-language-server tools are available and you need semantic code intelligence. Triggers: 'find definition', 'find references', 'who calls this', 'rename symbol', 'type hierarchy', 'go to definition', 'where is this used', 'where is this defined', 'what type is this'. Provides navigation, refactoring, and type analysis via LSP.
using-git-worktrees
Use when starting feature work that needs isolation from current workspace, or setting up parallel development tracks. Triggers: 'worktree', 'separate branch', 'isolate this work', 'don't mess up current work', 'work on two things at once', 'parallel workstreams', 'new branch for this', 'keep my current work safe'.
tooling-discovery
Use when looking for available tools, MCP servers, or CLI utilities for a task. Triggers: 'what tools do I have', 'is there an MCP for this', 'what's available', 'find a tool for', 'discover tooling', 'what CLI tools exist'. NOT for: documenting existing tools (use documenting-tools).
testing-strategy
Test selection strategy and scope guidance. Triggers: 'which tests should I run', 'test tiers', 'test marks', 'slow tests', 'integration vs unit', 'cross-module regression', 'test scope', 'what should I run', 'select tests', 'test batching'. NOT for: writing tests (use test-driven-development) or fixing broken tests (use fixing-tests).
test-driven-development
Use when user explicitly requests test-driven development. Triggers: 'TDD', 'write tests first', 'red green refactor', 'test-first', 'start with the test'. Also invoked by develop and executing-plans for implementation tasks. NOT for: full feature work (use develop, which includes TDD internally).
tarot-mode
Use when session returns mode.type='tarot', user says '/tarot', or requests roundtable dialogue with archetypes. Triggers: '/tarot', 'use tarot mode', 'roundtable with archetypes', 'tarot personas'. Session-level mode, not task-level.
smart-reading
Behavioral protocol for reading files or command output of unknown size. Loaded automatically for all file reading operations. Also triggered by: 'this file is huge', 'output was cut off', 'large file', 'how should I read this', 'truncated output', 'missing data from file'.