Does this skill require the Google Cloud SDK?

Yes, the safe-gcloud wrapper requires the standard gcloud CLI to be installed and authenticated on your system to execute permitted commands.

Why are my direct gcloud commands being blocked?

This skill enforces a security policy where all Google Cloud commands must pass through a wrapper script to ensure only authorized actions from your allowlist are performed.

Can Claude update the allowlist for me?

No. For security reasons, the allowlist is under user control only. Claude can suggest the correct pattern to add, but it cannot modify the file itself.

How do I add new permissions to the allowlist?

You must manually edit the .claude/gcloud-allowlist.json file in your project root to include the specific command patterns you wish to permit.

What kind of pattern syntax does the allowlist support?

It supports exact matches, command-with-args wildcards (e.g., 'projects list:*'), and service-wide wildcards (e.g., 'compute:*') to provide flexible control.

Safe Google Cloud CLI Wrapper

Name: Safe Google Cloud CLI Wrapper
Author: dhughes

bydhughes

0•

Cloud Infrastructure

Enforces secure and controlled access to Google Cloud CLI commands within Claude environments using a customizable allowlist.

The safe-gcloud-usage skill provides a critical security layer for managing Google Cloud Platform (GCP) resources through Claude. By routing all gcloud operations through a specialized wrapper script, it ensures that only pre-approved commands—defined in a project-specific allowlist—can be executed. This is ideal for developers who want to harness Claude's power for infrastructure management, project auditing, or service deployment while maintaining strict governance and preventing accidental or unauthorized cloud modifications. The skill handles command validation, provides clear error messaging for blocked actions, and guides users on how to safely expand their permission scope.

Key Features

01Command-level allowlist enforcement via JSON configuration

020 GitHub stars

03Real-time feedback and pattern suggestions for blocked commands

04Seamless integration with existing gcloud CLI configurations

05Pattern-based matching for flexible gcloud subcommand permissions

06User-controlled security governance for cloud operations

Use Cases

01Safely managing production environments by scoping allowed gcloud commands per project

02Restricting Claude to read-only GCP operations like listing projects or describing instances

03Standardizing cloud CLI workflows across teams with shared allowlist patterns

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add dhughes/claude-marketplace safe-gcloud-usage

For use in Claude.ai and ChatGPT

Download Skill