update-permissions
Configure bash command permissions and file access permissions in magenta options. Use when commands or file paths need to be permanently allowlisted.
Install
mkdir -p .claude/skills/update-permissions && curl -L -o skill.zip "https://mcp.directory/api/skills/download/2486" && unzip -o skill.zip -d .claude/skills/update-permissions && rm skill.zipInstalls to .claude/skills/update-permissions
About this skill
Updating Bash Command Permissions
This skill guides you to add bash command permissions to magenta's configuration files.
Configuration Locations
- Project-level:
.magenta/options.jsonin the project root - User-level:
~/.magenta/options.jsonin the home directory
User-level permissions apply across all projects. Project-level permissions only apply to the current project and are merged with user-level permissions.
How to Update Permissions
- Read the existing options file (if it exists)
- Add or merge the new
commandConfigentries - Write the updated JSON back to the file
If the file doesn't exist, create it with just the commandConfig key.
Permission Structure
The commandConfig option uses a rules array where each rule describes a command tree:
{
"commandConfig": {
"rules": [
{ "cmd": "echo", "rest": "any" },
{ "cmd": "cat", "args": ["readFile"] },
{ "cmd": "grep", "flags": ["-i"], "args": ["any"], "rest": "readFiles" },
{ "cmd": "sort", "options": { "-o": "writeFile" }, "args": ["readFile"] },
{
"cmd": "git",
"options": { "-C": "any" },
"subcommands": [
{ "cmd": "status", "rest": "any" },
{ "cmd": "commit", "options": { "-m": "any" }, "rest": "any" }
]
}
]
}
}
CommandRule Fields
Each rule is an object with these fields:
cmd(required): The command name (e.g.,"grep","git")flags: Array of boolean flags (no value, order-independent, all optional). E.g.,["-i", "-l"]options: Object mapping option keys to value types (order-independent, all optional). E.g.,{ "-n": "any", "-o": "writeFile" }subcommands: Array of nestedCommandRuleobjects. After extracting parent flags/options, the next arg must match a subcommand. Mutually exclusive withargs/rest/pipe.args: Array of positional argument types, matched in order (leaf nodes only)rest: What to do with remaining args after positionals:"any","readFiles", or"writeFiles"(leaf nodes only)pipe: Iftrue, this rule only applies when the command receives pipe input (leaf nodes only)
Argument Types (for args)
Each positional in args can be:
"any": Any single value"readFile": A readable file path (permission-checked)"writeFile": A writable file path (permission-checked){ "pattern": "regex" }: Must match the given regex{ "type": "any"|"readFile"|"writeFile", "optional": true }: Optional positional argument
Option Value Types (for options values)
"any": Any value"readFile": Value is a readable file path (permission-checked)"writeFile": Value is a writable file path (permission-checked){ "pattern": "regex" }: Value must match regex
Examples
Allow npm commands
{
"commandConfig": {
"rules": [
{
"cmd": "npm",
"subcommands": [
{ "cmd": "install", "rest": "any" },
{ "cmd": "run", "rest": "any" },
{ "cmd": "test" }
]
}
]
}
}
Allow rg with flags and file targets
{
"commandConfig": {
"rules": [
{
"cmd": "rg",
"flags": ["-l", "-i"],
"options": { "--type": "any" },
"args": ["any"],
"rest": "readFiles"
}
]
}
}
Allow head with optional -n flag or numeric pattern
{
"commandConfig": {
"rules": [
{ "cmd": "head", "options": { "-n": "any" }, "args": ["readFile"] },
{ "cmd": "head", "args": [{ "pattern": "-[0-9]+" }, "readFile"] }
]
}
}
Allow pipe commands
{
"commandConfig": {
"rules": [
{ "cmd": "grep", "rest": "any", "pipe": true },
{ "cmd": "sort", "rest": "any", "pipe": true }
]
}
}
Allow sort with write-checked output option
{
"commandConfig": {
"rules": [
{ "cmd": "sort", "options": { "-o": "writeFile" }, "args": ["readFile"] }
]
}
}
Matching Semantics
- Flags and options are order-independent:
-ican appear before or after positional args - Unrecognized
-args pass through to positional matching:head -10 file.txtworks when-10matches a pattern positional --key=valuesyntax is supported:--output=file.txtis split and checked if--outputis a known option- A command is allowed if ANY rule matches
- Pipe rules only match piped commands: Rules with
pipe: trueonly apply when the command receives pipe input; rules withoutpipeonly apply to standalone commands
Merging Rules
When adding new permissions to an existing config, append new rule objects to the rules array. Avoid duplicate rules.
Legacy Format Support
The old format using commands and pipeCommands arrays is still supported for backward compatibility:
{
"commandConfig": {
"commands": [["echo", { "type": "restAny" }]],
"pipeCommands": [["grep", { "type": "restAny" }]]
}
}
This will be automatically converted to the new rules format. New configs should use the rules format.
File Permissions
In addition to command permissions, you can configure which directories allow file operations without confirmation using filePermissions:
{
"filePermissions": [
{ "path": "/tmp", "read": true, "write": true },
{ "path": "~/src", "read": true },
{
"path": "~/.config",
"read": true,
"write": true,
"readSecret": true,
"writeSecret": true
}
]
}
Properties:
path: Path prefix (supports~for home directory)read: Allow reading files without confirmationwrite: Allow writing files without confirmationreadSecret: Allow reading hidden files (e.g.,.env,.secret)writeSecret: Allow writing hidden files
By default, the current working directory has read and write permissions. Hidden files (segments starting with . after the permission path) require the readSecret/writeSecret permissions.
Permissions inherit down the directory tree: if ~/src has read: true, then ~/src/project/file.ts also has read permission.
Builtin Permissions
Many common commands are already allowed by default (see node/capabilities/bash-parser/builtin-permissions.json), including:
- Basic commands:
ls,pwd,echo,cat,head,tail,wc,grep,sort,uniq,cut,awk,sed - Git commands (via subcommands):
status,log,diff,show,add,commit,push, etc. (with global-Cand-coptions) - Search tools:
rg,fd
Pipe commands like grep, sed, awk, sort, head, tail, etc. are also allowed when receiving pipe input.
More by dlants
View all →You might also like
flutter-development
aj-geddes
Build beautiful cross-platform mobile apps with Flutter and Dart. Covers widgets, state management with Provider/BLoC, navigation, API integration, and material design.
drawio-diagrams-enhanced
jgtolentino
Create professional draw.io (diagrams.net) diagrams in XML format (.drawio files) with integrated PMP/PMBOK methodologies, extensive visual asset libraries, and industry-standard professional templates. Use this skill when users ask to create flowcharts, swimlane diagrams, cross-functional flowcharts, org charts, network diagrams, UML diagrams, BPMN, project management diagrams (WBS, Gantt, PERT, RACI), risk matrices, stakeholder maps, or any other visual diagram in draw.io format. This skill includes access to custom shape libraries for icons, clipart, and professional symbols.
godot
bfollington
This skill should be used when working on Godot Engine projects. It provides specialized knowledge of Godot's file formats (.gd, .tscn, .tres), architecture patterns (component-based, signal-driven, resource-based), common pitfalls, validation tools, code templates, and CLI workflows. The `godot` command is available for running the game, validating scripts, importing resources, and exporting builds. Use this skill for tasks involving Godot game development, debugging scene/resource files, implementing game systems, or creating new Godot components.
nano-banana-pro
garg-aayush
Generate and edit images using Google's Nano Banana Pro (Gemini 3 Pro Image) API. Use when the user asks to generate, create, edit, modify, change, alter, or update images. Also use when user references an existing image file and asks to modify it in any way (e.g., "modify this image", "change the background", "replace X with Y"). Supports both text-to-image generation and image-to-image editing with configurable resolution (1K default, 2K, or 4K for high resolution). DO NOT read the image file first - use this skill directly with the --input-image parameter.
ui-ux-pro-max
nextlevelbuilder
"UI/UX design intelligence. 50 styles, 21 palettes, 50 font pairings, 20 charts, 8 stacks (React, Next.js, Vue, Svelte, SwiftUI, React Native, Flutter, Tailwind). Actions: plan, build, create, design, implement, review, fix, improve, optimize, enhance, refactor, check UI/UX code. Projects: website, landing page, dashboard, admin panel, e-commerce, SaaS, portfolio, blog, mobile app, .html, .tsx, .vue, .svelte. Elements: button, modal, navbar, sidebar, card, table, form, chart. Styles: glassmorphism, claymorphism, minimalism, brutalism, neumorphism, bento grid, dark mode, responsive, skeuomorphism, flat design. Topics: color palette, accessibility, animation, layout, typography, font pairing, spacing, hover, shadow, gradient."
rust-coding-skill
UtakataKyosui
Guides Claude in writing idiomatic, efficient, well-structured Rust code using proper data modeling, traits, impl organization, macros, and build-speed best practices.
Stay ahead of the MCP ecosystem
Get weekly updates on new skills and servers.