claude-permissions-update
Sync auto-approved permissions from all community-patterns directories (including community-patterns-2, -3, etc.) to the shared project settings. Shows new permissions for review before adding.
Best use case
claude-permissions-update is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Sync auto-approved permissions from all community-patterns directories (including community-patterns-2, -3, etc.) to the shared project settings. Shows new permissions for review before adding.
Teams using claude-permissions-update should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/claude-permissions-update/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How claude-permissions-update Compares
| Feature / Agent | claude-permissions-update | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Sync auto-approved permissions from all community-patterns directories (including community-patterns-2, -3, etc.) to the shared project settings. Shows new permissions for review before adding.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Claude Permissions Update **Use this skill to consolidate auto-approved permissions from all your community-patterns workspaces.** ## Overview When you work across multiple community-patterns directories (e.g., community-patterns, community-patterns-2, etc.), you accumulate different auto-approved permissions in each directory's `.claude/settings.local.json`. This skill helps you: 1. Find all community-patterns directories 2. Gather all auto-approved permissions 3. Compare with the project-level `.claude/settings.json` 4. **Filter out junk and path-specific permissions automatically** 5. Show new permissions for your review by category 6. Let you select which to add to the shared settings ## Important: Local Settings Contain Junk **WARNING:** The `settings.local.json` files often contain accidentally auto-approved garbage: - Commit message fragments - Shell script fragments like `Bash(do)`, `Bash(fi)`, `Bash(then ...)` - Markdown content from heredocs - Path-specific permissions like `Bash(../community-patterns-2/patterns/...)` **The filtering step below is CRITICAL to avoid polluting project settings.** ## Step 1: Scan and Gather Permissions ```bash # Find all community-patterns directories echo "=== Scanning community-patterns directories ===" for dir in /Users/alex/Code/community-patterns*; do echo "Found: $dir" done ``` ## Step 2: Extract and Filter New Permissions ```bash # Get all local permissions (deduplicated) ALL_LOCAL=$(for dir in /Users/alex/Code/community-patterns*; do jq -r '.permissions.allow[]?' "$dir/.claude/settings.local.json" 2>/dev/null done | sort -u) # Get project permissions PROJECT_PERMS=$(jq -r '.permissions.allow[]?' .claude/settings.json 2>/dev/null | sort -u) # Find new permissions - FILTER for valid patterns only NEW_PERMS=$(comm -23 <(echo "$ALL_LOCAL") <(echo "$PROJECT_PERMS") | \ grep -E '^(Bash\(|Skill\(|Read\(|WebFetch\(|mcp__|SlashCommand)') ``` ## Step 3: Categorize for Review **Present permissions in categories to help the user decide:** ### General Commands (with wildcards - usually worth syncing) ```bash echo "=== General Bash commands (worth syncing) ===" echo "$NEW_PERMS" | grep -E ':\*\)$' | grep -v '../community-patterns' ``` These have wildcards and are NOT path-specific. Good candidates to sync. ### WebFetch Domains ```bash echo "=== WebFetch domains ===" echo "$NEW_PERMS" | grep '^WebFetch' ``` ### Skills and MCP Tools ```bash echo "=== Skills ===" echo "$NEW_PERMS" | grep '^Skill' echo "=== MCP tools ===" echo "$NEW_PERMS" | grep '^mcp__' ``` ### Path-Specific (SKIP these) ```bash echo "=== Path-specific permissions (SKIP) ===" echo "$NEW_PERMS" | grep '../community-patterns' ``` These are specific to a particular checkout and should NOT be synced. ## Step 4: Review with User **Use AskUserQuestion to walk through each category:** 1. Present general Bash commands one by one or in small groups 2. Present WebFetch domains (often safe to add all) 3. Present Skills and MCP tools 4. SKIP path-specific permissions automatically **Ask about each permission individually or in logical groups.** ## Step 5: Update Project Settings After user approval, edit `.claude/settings.json` to add the approved permissions to the `permissions.allow` array. **Use the Edit tool** to add each permission as a new line in the array. ## Workflow Summary 1. **Scan** all community-patterns-* directories 2. **Extract** permissions from each `.claude/settings.local.json` 3. **Filter** - remove junk (non-permission strings) and validate format 4. **Compare** with `.claude/settings.json` to find new ones 5. **Categorize** - separate general vs path-specific 6. **Present** to user by category (skip path-specific automatically) 7. **Update** project settings with approved permissions 8. **Verify** JSON is valid with `jq . .claude/settings.json > /dev/null` ## What to Sync vs Skip ### SYNC These (General Permissions) - `Bash(command:*)` - wildcarded commands - `Bash(git subcmd:*)` - git subcommands - `Bash(deno task:*)`, `Bash(timeout N command:*)` - tool commands - `WebFetch(domain:example.com)` - domain-specific fetch - `Skill(skill-name)` - skill invocations - `mcp__server__tool` - MCP tool permissions - `Read(//path/**)` - read patterns with wildcards ### SKIP These (Junk/Path-Specific) - `Bash(../community-patterns-N/...)` - relative paths to specific checkouts - `Bash(do)`, `Bash(fi)`, `Bash(then ...)` - shell fragments - Anything that looks like a commit message or markdown - Anything without parentheses or proper permission format ## Notes - This skill does NOT modify the local settings files - It only adds permissions to the shared project settings - User must approve all additions - After adding to project settings, the permissions will be available across all community-patterns workspaces - Always verify JSON validity after editing
Related Skills
testing
Test patterns with Playwright browser automation. Navigate to deployed patterns, interact with UI elements, verify functionality. Use when testing patterns after deployment or when debugging pattern behavior in browser.
Superstition Verification Skill
Use this skill to systematically verify superstitions in
strategic-investigation
Proactive recovery using plan mode and subagents. After 1-2 failed attempts, STOP trying variations. Enter plan mode and launch parallel Explore/Plan agents to find idiomatic solutions instead of spinning wheels.
session-startup
Session initialization sequence for community-patterns development. Use at the start of every Claude Code session. Checks for upstream updates, loads workspace configuration, and ensures dev servers are running.
recovery-strategies
Escalation path when stuck on pattern development. Use when encountering TypeScript errors, framework confusion, unexpected behavior, or blocked progress. Five-step recovery: check docs, study examples, strategic investigation (plan mode + subagents), reset and retry, ask user.
pattern-dev
Day-to-day pattern development best practices. Use when actively developing patterns. Covers incremental development, commits, communication guidelines, and general development workflow.
land-branch
Land a feature branch: pull from main, rebase the branch, create a PR, and merge it via rebase with automatic branch deletion. Use when ready to land a completed feature branch.
issue-filing
File framework issues after exhausting other approaches. Document complex problems with multiple failed attempts for framework authors. REQUIRES user permission. Use only after checking docs, community-docs, and trying multiple approaches.
git-workflow
Git operations and pull request workflows. Create PRs, rebase branches, resolve conflicts, merge to upstream. Use when ready to create PR or when working with git branches and upstream.
deployment
Deploy and update patterns. Use when deploying new patterns, updating existing deployments, or testing syntax. Includes deployment commands and the first custom pattern celebration.
community-docs
Community superstitions - unverified observations from pattern development. Use when encountering undocumented edge cases or framework quirks not in official docs. Verified knowledge should be upstreamed to labs docs.
securing-aws-iam-permissions
This skill guides practitioners through hardening AWS Identity and Access Management configurations to enforce least privilege access across cloud accounts. It covers IAM policy scoping, permission boundaries, Access Analyzer integration, and credential rotation strategies to reduce the blast radius of compromised identities.