feat(claude): enhance permissions with context-aware safety patterns

.gitignore

@@ -156,6 +156,9 @@ home/.claude/*
 .claude/skills/
 .claude/settings.local.json
 
+# permissions-manager skill generated output
+doc/permissions/
+
 # vagrant
 .vagrant
 .vagrant/**/*

claude/permissions.beans.json

@@ -0,0 +1,15 @@
+{
+  "allow": [
+    "Bash(beans create:*)",
+    "Bash(beans list:*)",
+    "Bash(beans query:*)",
+    "Bash(beans show:*)",
+    "Bash(beans update:*)",
+    "Bash(beans:*)"
+  ],
+  "ask": [
+    "Bash(beans archive:*)",
+    "Bash(beans delete:*)"
+  ],
+  "deny": []
+}

claude/permissions.colima.json

@@ -0,0 +1,16 @@
+{
+  "allow": [
+    "Bash(colima delete:*)",
+    "Bash(colima kubernetes:*)",
+    "Bash(colima list:*)",
+    "Bash(colima ssh:*)",
+    "Bash(colima ssh-config:*)",
+    "Bash(colima start:*)",
+    "Bash(colima status:*)",
+    "Bash(colima stop:*)",
+    "Bash(colima template:*)",
+    "Bash(colima version:*)",
+    "Bash(colima:*)"
+  ],
+  "deny": []
+}

claude/permissions.git.jsonc

@@ -24,6 +24,18 @@
     "Bash(git merge:*)",
     "Bash(git rebase:*)",
 
+    // Safer force-push alternative
+    "Bash(git push --force-with-lease:*)",
+
+    // Safe reset patterns - align with remote
+    "Bash(git reset --hard origin/*:*)",
+    "Bash(git reset --hard upstream/*:*)",
+    "Bash(git reset --hard HEAD:*)",
+
+    // Clean dry-run (always safe)
+    "Bash(git clean -n:*)",
+    "Bash(git clean --dry-run:*)",
+
     // Inspection and queries
     "Bash(git check-ignore:*)",
     "Bash(git config:*)",
@@ -48,11 +60,24 @@
     "Bash(git tag:*)",
   ],
 
-  // Destructive operations that require explicit approval
-  "deny": [
-    "Bash(git clean -fd:*)", // Removes untracked files
-    "Bash(git push --force:*)", // Overwrites remote history
-    "Bash(git push -f:*)", // Same as above
-    "Bash(git reset --hard:*)", // Discards local changes
+  // Operations that warrant confirmation
+  "ask": [
+    "Bash(git clean -fd:*)",      // Removes untracked files
+    "Bash(git clean -fdx:*)",     // Also removes ignored files
+    "Bash(git push --force:*)",   // Force push (not to main/master)
+    "Bash(git push -f:*)",        // Force push shorthand
+    "Bash(git reset --hard:*)"    // Other hard resets not covered above
   ],
+
+  // Destructive operations that should never be auto-allowed
+  "deny": [
+    "Bash(git push --force origin main:*)",
+    "Bash(git push --force origin master:*)",
+    "Bash(git push -f origin main:*)",
+    "Bash(git push -f origin master:*)",
+    "Bash(git push --force upstream main:*)",
+    "Bash(git push --force upstream master:*)",
+    "Bash(git push -f upstream main:*)",
+    "Bash(git push -f upstream master:*)"
+  ]
 }

claude/permissions.json

@@ -1,9 +1,77 @@
 {
-  "allow": [],
+  "allow": [
+    "Bash(rm -rf .DS_Store)",
+    "Bash(rm -rf .cache)",
+    "Bash(rm -rf .coverage)",
+    "Bash(rm -rf .gradle)",
+    "Bash(rm -rf .next)",
+    "Bash(rm -rf .pytest_cache)",
+    "Bash(rm -rf .rspec_cache)",
+    "Bash(rm -rf .tmp)",
+    "Bash(rm -rf ./build)",
+    "Bash(rm -rf ./coverage)",
+    "Bash(rm -rf ./dist)",
+    "Bash(rm -rf ./node_modules)",
+    "Bash(rm -rf ./out)",
+    "Bash(rm -rf ./pkg)",
+    "Bash(rm -rf ./target)",
+    "Bash(rm -rf ./temp)",
+    "Bash(rm -rf ./tmp)",
+    "Bash(rm -rf ./vendor)",
+    "Bash(rm -rf build)",
+    "Bash(rm -rf coverage)",
+    "Bash(rm -rf dist)",
+    "Bash(rm -rf node_modules)",
+    "Bash(rm -rf out)",
+    "Bash(rm -rf pkg)",
+    "Bash(rm -rf target)",
+    "Bash(rm -rf temp)",
+    "Bash(rm -rf tmp)",
+    "Bash(rm -rf vendor)",
+    "Bash(sudo docker:*)",
+    "Bash(sudo journalctl:*)",
+    "Bash(sudo systemctl disable:*)",
+    "Bash(sudo systemctl enable:*)",
+    "Bash(sudo systemctl reload:*)",
+    "Bash(sudo systemctl restart:*)",
+    "Bash(sudo systemctl start:*)",
+    "Bash(sudo systemctl status:*)",
+    "Bash(sudo systemctl stop:*)"
+  ],
+  "ask": [
+    "Bash(sudo chmod:*)",
+    "Bash(sudo chown:*)",
+    "Bash(sudo chgrp:*)",
+    "Bash(sudo mkdir:*)",
+    "Bash(sudo mv:*)",
+    "Bash(sudo cp:*)",
+    "Bash(sudo ln:*)",
+    "Bash(sudo kill:*)",
+    "Bash(sudo killall:*)",
+    "Bash(sudo shutdown:*)",
+    "Bash(sudo reboot:*)",
+    "Bash(sudo halt:*)",
+    "Bash(sudo apt-get:*)",
+    "Bash(sudo yum:*)",
+    "Bash(sudo dnf:*)"
+  ],
   "deny": [
     "Bash(curl * | bash)",
     "Bash(curl * | sh)",
-    "Bash(rm -rf:*)",
-    "Bash(sudo:*)"
+    "Bash(wget * | bash)",
+    "Bash(wget * | sh)",
+    "Bash(sudo rm -rf:*)",
+    "Bash(sudo dd:*)",
+    "Bash(sudo mkfs:*)",
+    "Bash(sudo fdisk:*)",
+    "Bash(sudo parted:*)",
+    "Bash(rm -rf /:*)",
+    "Bash(rm -rf /*:*)",
+    "Bash(rm -rf ~:*)",
+    "Bash(rm -rf ~/*:*)",
+    "Bash(rm -rf $HOME:*)",
+    "Bash(rm -rf .:*)",
+    "Bash(rm -rf ..:*)",
+    "Bash(rm -rf ../*:*)"
   ]
 }

claude/permissions.mcp.json

@@ -6,5 +6,6 @@
     "mcp__MCPProxy__retrieve_tools",
     "mcp__MCPProxy__upstream_servers"
   ],
-  "deny": ["mcp__MCPProxy__call_tool_destructive"]
+  "ask": ["mcp__MCPProxy__call_tool_destructive"],
+  "deny": []
 }

claude/permissions.shell.json

@@ -1,51 +1,83 @@
 {
   "allow": [
-    "Bash(claude-permissions)",
+    "Bash(awk:*)",
+    "Bash(base64:*)",
+    "Bash(basename:*)",
+    "Bash(bash:*)",
+    "Bash(cat:*)",
+    "Bash(chmod:*)",
     "Bash(claude-permissions --aggregate)",
     "Bash(claude-permissions --json)",
     "Bash(claude-permissions --locations)",
     "Bash(claude-permissions --raw)",
     "Bash(claude-permissions cleanup)",
-    "Bash(cat:*)",
-    "Bash(chmod:*)",
+    "Bash(claude-permissions)",
     "Bash(command -v:*)",
     "Bash(cp:*)",
     "Bash(curl:*)",
+    "Bash(cut:*)",
+    "Bash(date:*)",
     "Bash(diff:*)",
     "Bash(dirname:*)",
     "Bash(echo:*)",
     "Bash(env:*)",
+    "Bash(expr:*)",
     "Bash(fd:*)",
     "Bash(file:*)",
     "Bash(find:*)",
     "Bash(grep:*)",
+    "Bash(gzip:*)",
     "Bash(head:*)",
+    "Bash(hostname:*)",
+    "Bash(id:*)",
     "Bash(jq:*)",
     "Bash(ln:*)",
     "Bash(ls:*)",
     "Bash(lsof:*)",
     "Bash(mkdir:*)",
     "Bash(mv:*)",
+    "Bash(nc:*)",
+    "Bash(openssl:*)",
+    "Bash(pkill:*)",
+    "Bash(printenv:*)",
+    "Bash(ps:*)",
     "Bash(pwd:*)",
     "Bash(readlink:*)",
     "Bash(realpath:*)",
     "Bash(rm:*)",
+    "Bash(rsync:*)",
     "Bash(sed:*)",
+    "Bash(seq:*)",
+    "Bash(sha256sum:*)",
+    "Bash(shasum:*)",
+    "Bash(sleep:*)",
     "Bash(sort:*)",
+    "Bash(split:*)",
+    "Bash(sqlite3:*)",
+    "Bash(ssh:*)",
     "Bash(stat:*)",
     "Bash(tail:*)",
     "Bash(tar:*)",
     "Bash(tee:*)",
     "Bash(test:*)",
+    "Bash(time:*)",
+    "Bash(timeout:*)",
     "Bash(touch:*)",
     "Bash(tr:*)",
     "Bash(tree:*)",
     "Bash(type:*)",
+    "Bash(uname:*)",
     "Bash(uniq:*)",
     "Bash(unzip:*)",
+    "Bash(watch:*)",
     "Bash(wc:*)",
     "Bash(which:*)",
-    "Bash(xargs:*)"
+    "Bash(whoami:*)",
+    "Bash(xargs:*)",
+    "Bash(xz:*)",
+    "Bash(yamllint:*)",
+    "Bash(yes:*)",
+    "Bash(zip:*)"
   ],
   "ask": [
     "Bash(claude-permissions cleanup --force)",

claude/permissions.web.json

@@ -3,6 +3,10 @@
     "WebFetch(domain:code.claude.com)",
     "WebFetch(domain:docs.github.com)",
     "WebFetch(domain:github.com)",
+    "WebFetch(domain:hk.jdx.dev)",
+    "WebFetch(domain:karafka.io)",
+    "WebFetch(domain:lima-vm.io)",
+    "WebFetch(domain:mise.jdx.dev)",
     "WebFetch(domain:raw.githubusercontent.com)"
   ],
   "deny": []

claude/permissions.work.json

@@ -4,7 +4,10 @@
     "Bash(bin/rubocop:*)",
     "Bash(bundle exec rspec:*)",
     "Bash(bundle exec rubocop:*)",
-    "Bash(bundle install)"
+    "Bash(bundle install)",
+    "Bash(npx bktide:*)",
+    "Bash(npx bktide build:*)",
+    "Bash(npx bktide)"
   ],
   "deny": []
 }

home/.claude/skills/permissions-manager/.gitignore

@@ -0,0 +1,18 @@
+# Temporary analysis files
+/tmp/
+*.tmp
+*.temp
+
+# Generated recommendations (unless intentionally committed)
+recommendations-*.md
+
+# Aggregated data (often contains private info)
+aggregate-*.txt
+permissions-aggregate-*.txt
+
+# Backup files
+*.bak
+*.backup
+
+# OS files
+.DS_Store