Does Permission Doctor modify my settings files?

No, Permission Doctor is a strictly read-only diagnostic tool. it analyzes and reports on issues without performing any file modifications.

What kind of security risks does it detect?

It identifies over 24 suspicious patterns, including access to critical system directories, dangerous command patterns, and overly broad wildcard permissions.

Can it distinguish between global and local settings?

Yes, it analyzes the relationship between global and local configuration to identify redundant permissions and ensures marketplace skills are correctly scoped.

How do I fix the issues found by Permission Doctor?

Permission Doctor identifies the issues and provides recommendations; you can then use the companion 'permission-fix' skill or manual editing to resolve them.

Permission Doctor

Name: Permission Doctor
Author: cuioss

bycuioss

0•

Security & Testing

Diagnoses and audits Claude Code permission settings to identify security risks, syntax errors, and redundant configurations.

Permission Doctor is a specialized diagnostic tool for Claude Code environments that ensures your security settings are robust, efficient, and error-free. By performing read-only analysis on both global and local settings files, it identifies dangerous security anti-patterns, detects redundant permissions that clutter your configuration, and validates syntax according to standardized patterns. This skill acts as a safety layer for developers, helping them understand their permission architecture and surface potential vulnerabilities without making any unintended changes to the filesystem.

Key Features

01Redundancy analysis between global and local configuration files

02Architecture analysis for global versus project-specific permissions

03Security anti-pattern detection with severity scoring (High/Medium/Low)

04Automated permission syntax and path format validation

05Read-only diagnostic reports that never modify configuration files

060 GitHub stars

Use Cases

01Auditing security permissions to find over-privileged or risky access patterns

02Debugging permission-related failures by validating syntax and structure

03Cleaning up configuration files by identifying duplicate permissions across scopes

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add cuioss/plan-marshall permission-doctor

For use in Claude.ai and ChatGPT

Download Skill