Can I restrict Claude to only work within my project directory?

Yes, by using the 'path:$PROJECT_ROOT/**' pattern in your rules, you can ensure that commands like 'rm' or 'mv' only affect files within your specific project scope.

How does cc-allow handle conflicting rules?

It uses a specificity scoring system where more detailed rules (e.g., matching specific arguments or paths) take precedence over general command rules.

What is the purpose of the allow-rules skill?

It manages the cc-allow configuration, which acts as a security firewall for bash commands executed by Claude, ensuring the AI only performs authorized actions.

Where are the permission settings stored?

Settings are stored in TOML files located at ~/.config/cc-allow.toml for global defaults and .claude/cc-allow.toml for project-specific overrides.

Command Permission Manager (cc-allow)

Name: Command Permission Manager (cc-allow)
Author: dannycoates

bydannycoates

•

Seguridad y Pruebas

Manages fine-grained bash command permissions and security policies for Claude Code execution.

The allow-rules skill enables Claude to interact with the cc-allow security framework, a robust system for governing which bash commands the AI is permitted to run. By managing cc-allow.toml configuration files, this skill allows users to define global or project-specific policies for allowing, denying, or prompting for confirmation before command execution. It supports sophisticated matching via glob patterns, regular expressions, and path resolution, ensuring that AI-driven terminal operations remain safe, predictable, and restricted to authorized scopes.

Características Principales

01Advanced argument matching using regex, globs, and flag detection

02Specificity-based rule engine that resolves conflicting permissions intelligently

03Granular command control with allow, deny, and ask (prompt) actions

04Pipe and redirect monitoring to prevent dangerous data exfiltration or overwrites

051 GitHub stars

06Path-based security restricting commands to $PROJECT_ROOT or $HOME

Casos de Uso

01Preventing the AI from executing destructive commands like 'rm' outside of specific build folders

02Creating a 'golden path' for development by auto-allowing safe tools like git, ls, and npm

03Implementing security guardrails that block piping sensitive data to external shells or scripts

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add dannycoates/cc-allow allow-rules

For use in Claude.ai and ChatGPT

Download Skill