Gist: iannuttall/a7570cee412cc05d32d7a039830f28c7
```json
{
  "permissions": {
    "allow": [
      "Read(**)",
      "Edit(**)",
      "MultiEdit(**)",
      "Write(**)",
      "Glob(**)",
      "Grep(**)",
      "LS(**)",
      "WebSearch(**)",
      "TodoRead()",
      "TodoWrite(**)",
      "Task(**)",
      "Bash(git status*)",
      "Bash(git log*)",
      "Bash(git diff*)",
      "Bash(git show*)",
      "Bash(git blame*)",
      "Bash(git branch*)",
      "Bash(git remote -v*)",
      "Bash(git config --get*)",
      "Bash(ls*)",
      "Bash(cat *)",
      "Bash(less *)",
      "Bash(head*)",
      "Bash(tail*)",
      "Bash(grep*)",
      "Bash(find*)",
      "Bash(tree*)",
      "Bash(pwd*)",
      "Bash(wc*)",
      "Bash(diff *)",
      "Bash(sed -n*)",
      "Bash(awk*)",
      "Bash(cut*)",
      "Bash(sort*)",
      "Bash(uniq*)",
      "Bash(basename *)",
      "Bash(dirname *)",
      "Bash(realpath *)",
      "Bash(readlink *)",
      "Bash(curl*)",
      "Bash(jq*)",
      "Bash(yq eval*)",
      "Bash(python*)",
      "Bash(python3*)",
      "Bash(node*)",
      "Bash(npm list*)",
      "Bash(npm run*)",
      "Bash(npx*)",
      "Bash(black --check*)",
      "Bash(black --diff*)",
      "Bash(pylint*)",
      "Bash(flake8*)",
      "Bash(mypy*)",
      "Bash(eslint*)",
      "Bash(pytest*)",
      "Bash(make test*)",
      "Bash(npm test*)",
      "Bash(make -n*)",
      "Bash(man *)",
      "Bash(pydoc*)",
      "Bash(which *)",
      "Bash(type *)",
      "Bash(echo *)",
      "Bash(printf *)",
      "Bash(test *)",
      "Bash(true*)",
      "Bash(false*)",
      "Bash(* | grep*)",
      "Bash(* | jq*)",
      "Bash(* | head*)",
      "Bash(* | tail*)",
      "Bash(* | wc*)",
      "Bash(* | sort*)",
      "Bash(* | uniq*)"
    ],
    "deny": []
  }
}
```
Here's my 🔒 Safe and Hardened ~/.claude/settings.json

🧠 Explanation of Key Changes

✅ Still allowed:
- Safe inspection tools: git, ls, cat, tree, head, tail
- Static checks: black --check, flake8, mypy, etc.
- Testing commands (pytest, make test) are kept but can be moved to deny if you want zero mutation.

❌ Now blocked:
- rm, mv, cp, chmod, chown, dd – classic dangerous commands
- curl, wget, python*, node*, npm run*, npx* – may pull or execute code
- echo, printf – harmless alone but could be part of chaining to do damage
- `Bash(* | *)` – blocks all generic pipelines like `Bash(* | jq*)`, which are too permissive

🛡️ Tips to Keep It Safe
- Only allow commands with known, non-destructive flags (e.g., --check, -n, --dry-run)
- Prefer exact matches over globs where possible
- Avoid `Bash(*)` and `Bash(* | something)` patterns unless scoped
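To make the point about over-broad globs concrete, here is an added example (not code from the gist or from either commenter) that evaluates a handful of constructed commands against a subset of the original allow list and against a hypothetical hardened variant written to follow the advice above. It assumes that the text inside `Bash(...)` behaves like a shell-style glob over the whole command string and that deny rules take precedence over allow rules, with unmatched commands falling through to "ask"; the real Claude Code matcher may differ in detail, so treat the semantics as an assumption.

```python
"""Evaluate Claude Code style Bash(...) permission rules against sample commands.

Added example; the matching semantics below are an assumption made for
illustration, not a description of the real tool's implementation.
"""
import fnmatch
import re

_BASH_RULE = re.compile(r"^Bash\((.*)\)$")

# A representative subset of the rules from the gist's allow list.
ORIGINAL_ALLOW = [
    "Bash(git status*)", "Bash(git log*)", "Bash(ls*)", "Bash(cat *)",
    "Bash(curl*)", "Bash(python3*)", "Bash(black --check*)",
    "Bash(* | grep*)", "Bash(* | jq*)", "Bash(* | head*)",
]
ORIGINAL_DENY = []

# Hypothetical hardened variant (not the commenter's actual file): mutating and
# code-fetching commands plus generic pipelines move to deny, and the prefix
# glob "ls*" becomes exact matches so it cannot match unrelated "ls..." tools.
HARDENED_ALLOW = [
    "Bash(git status*)", "Bash(git log*)", "Bash(ls)", "Bash(ls *)",
    "Bash(cat *)", "Bash(black --check*)",
]
HARDENED_DENY = [
    "Bash(rm*)", "Bash(mv*)", "Bash(cp*)", "Bash(chmod*)", "Bash(chown*)",
    "Bash(dd*)", "Bash(curl*)", "Bash(wget*)", "Bash(python*)", "Bash(node*)",
    "Bash(npm run*)", "Bash(npx*)", "Bash(echo*)", "Bash(printf*)",
    "Bash(* | *)",
]


def rule_matches(rule: str, command: str) -> bool:
    """Assumption: the text inside Bash(...) is a glob matched against the whole command."""
    m = _BASH_RULE.match(rule)
    if not m:
        return False  # non-Bash tool rules (Read, Edit, ...) are not modelled here
    return fnmatch.fnmatchcase(command, m.group(1))


def decide(command: str, allow: list[str], deny: list[str]) -> str:
    """Assumed precedence: deny wins, then allow, otherwise the tool asks the user."""
    if any(rule_matches(r, command) for r in deny):
        return "deny"
    if any(rule_matches(r, command) for r in allow):
        return "allow"
    return "ask"


def compare(command: str) -> tuple[str, str]:
    """Return (original decision, hardened decision) for one command."""
    return (
        decide(command, ORIGINAL_ALLOW, ORIGINAL_DENY),
        decide(command, HARDENED_ALLOW, HARDENED_DENY),
    )


# Constructed sample commands covering the cases discussed in the comment.
SAMPLE_COMMANDS = [
    "git status --short",                # read-only, allowed by both
    "cat README.md",                     # "cat *" requires the trailing space
    "catalog --help",                    # so this does NOT match "cat *"
    "lsblk",                             # prefix glob "ls*" matches any ls... tool
    "rm -rf build | grep error",         # "* | grep*" lets anything through a pipe
    "curl https://example.com/api | jq .",
    "python3 -c 'print(1)'",
    "git log --oneline | head -5",       # harmless, but "* | *" in deny blocks it too
]

if __name__ == "__main__":
    for cmd in SAMPLE_COMMANDS:
        original, hardened = compare(cmd)
        print(f"{cmd!r:42} original={original:5} hardened={hardened}")
```

Running the script shows the two failure modes the comment calls out: any command, destructive or not, that ends in `| grep`, `| jq` or `| head` is allowed by the `Bash(* | ...)` rules, and a bare prefix such as `ls*` also matches `lsblk`. It also shows the cost of the hardened stance: putting `Bash(* | *)` in deny blocks a read-only `git log | head` as well, which is the trade-off the "zero mutation" remark accepts.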
Thanks @vinta - that's helpful to see how you set up the deny rules.