When should I use --dangerously-skip-permissions?

This flag is best used when running agents in isolated environments like git worktrees, where the agent is already physically restricted to a separate workspace.

Are wildcards supported for bash commands?

Wildcards are supported for prefix matching at the end of a command pattern (e.g., "git log:*"), but they cannot be used at the beginning or middle of a command.

Can I limit which shell commands an agent executes?

Yes, using the Bash tool syntax like "Bash(pytest:*)" allows you to restrict the agent to only running commands that start with that prefix, preventing unauthorized shell operations.

Does this skill support MCP tools?

Yes, it provides syntax for allowing either an entire MCP server using "mcp__servername" or a specific tool within that server using "mcp__servername__toolname".

How do I restrict Claude Code to a specific directory?

You can use the --allowedTools flag with path patterns, such as "Edit(/src/components/**)", to ensure the agent can only modify files within that specific directory.

Agent Tool Permissions

Name: Agent Tool Permissions
Author: jpoutrin

byjpoutrin

•

Security & Testing

Configures granular tool permissions and path restrictions for secure, multi-agent Claude Code workflows.

The Agent Tool Permissions skill provides a robust framework for managing security and access control when launching Claude Code agents. It enables developers to define precise boundaries for AI agents by restricting file operations to specific directories, whitelisting specific bash command prefixes, and limiting web access to trusted domains. This is essential for maintaining project integrity during parallel development, ensuring that agents only interact with relevant codebases and authorized tools while preventing unintended side effects or unauthorized system changes.

Key Features

01Path-scoped file restrictions using gitignore-style patterns for Read/Write/Edit tools

02Bash command whitelisting with prefix matching to prevent arbitrary shell execution

03Granular MCP server and tool-specific permission management

04Domain-specific WebFetch restrictions for controlled external documentation access

05Comprehensive CLI syntax reference for the --allowedTools configuration flag

062 GitHub stars

Use Cases

01Setting up a dedicated testing agent authorized only to run specific test suites like pytest or npm test

02Isolating a feature-specific agent to only modify files within a targeted application subdirectory

03Creating read-only analysis agents for code reviews that cannot modify the source code

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jpoutrin/product-forge agent-tools

For use in Claude.ai and ChatGPT

Download Skill