Run any Skill in Manus with one click

permission-tuner

Analyze permission denial patterns and generate optimized alwaysAllow and alwaysDeny rules. Use when permission prompts are slowing you down or after sessions with many denials.

Run Skill in Manus

Overview

Analyze permission denial patterns and generate optimized alwaysAllow and alwaysDeny rules. Use when permission prompts are slowing you down or after sessions with many denials.

Install command

npx skills add https://github.com/rohitg00/pro-workflow --skill permission-tuner

Copy and paste this command into Claude Code to install the skill

Source

rohitg00/pro-workflow

Stars2,266

Forks220

UpdatedMay 27, 2026 at 12:03

SKILL.md

readonly

name	permission-tuner
description	Analyze permission denial patterns and generate optimized alwaysAllow and alwaysDeny rules. Use when permission prompts are slowing you down or after sessions with many denials.

Permission Tuner

Reduce permission prompt fatigue by analyzing denial patterns and suggesting targeted rules.

Trigger

Use when:

Permission prompts interrupt flow repeatedly
Starting a new project and want to configure permissions
After a session with many manual approvals

Workflow

Scan recent session data for permission patterns
Identify frequently-approved tools and patterns
Generate safe alwaysAllow rules
Present rules for approval before applying

Analysis

Step 1: Gather Permission Data

Check current permission rules:

cat .claude/settings.json 2>/dev/null | grep -A 20 "permissions"
cat ~/.claude/settings.json 2>/dev/null | grep -A 20 "permissions"

Step 2: Identify Safe Patterns

Allow-list candidates (low risk):

Read — all file reads (read-only, no side effects)
Glob — file pattern matching (read-only)
Grep — content search (read-only)
Bash(git status) — read-only git commands
Bash(git diff*) — read-only git commands
Bash(git log*) — read-only git commands
Bash(npm test*) — test execution
Bash(npm run lint*) — linting
Bash(npm run typecheck*) — type checking

Ask candidates (medium risk — prompt user every time):

Edit — file modifications
Write — new file creation
Bash(git add*) — staging changes
Bash(git commit*) — creating commits
Bash(npm install*) — dependency changes

Deny-list candidates (high risk):

Bash(git push*) — affects remote
Bash(git reset --hard*) — destructive
Bash(rm -rf*) — destructive
Bash(curl*POST*) — external API calls
Any command with --force or --no-verify

Step 3: Generate Rules

{
  "permissions": {
    "allow": [
      "Read",
      "Glob",
      "Grep",
      "Bash(git status)",
      "Bash(git diff*)",
      "Bash(git log*)",
      "Bash(npm test*)",
      "Bash(npm run lint*)",
      "Bash(npm run typecheck*)"
    ],
    "deny": [
      "Bash(rm -rf *)",
      "Bash(git push --force*)",
      "Bash(git reset --hard*)"
    ]
  }
}

Output

PERMISSION TUNER REPORT

Current rules: [X] allow, [Y] deny, [Z] ask

Recommendations:
  Auto-approve (safe, read-only):
    + Read, Glob, Grep
    + Bash(git status), Bash(git diff*), Bash(git log*)

  Auto-approve (medium risk, frequently used):
    + Edit (approved X times this session)
    + Bash(npm test*) (approved X times)

  Keep asking:
    ~ Bash(git commit*) — verify commit messages
    ~ Write — verify new file creation

  Auto-deny (dangerous):
    - Bash(rm -rf *)
    - Bash(git push --force*)

Estimated prompts saved per session: ~[N]

Rules

Destructive operations must stay in the deny list
Always present rules for user approval before applying
Group rules by risk level (safe/medium/dangerous)
Include estimated prompt savings

More from this repository

same repository

auto-setup

rohitg00/pro-workflow

Auto-configure quality gates, hooks, and settings for a new project. Detects project type and sets up appropriate tooling. Use when onboarding a new codebase.

2026-05-272.3k

pro-workflow

rohitg00/pro-workflow

Complete AI coding workflow system. Orchestration patterns, 18 hook events, 5 agents, cross-agent support, reference guides, and searchable learnings. Works with Claude Code, Cursor, and 32+ agents.

2026-05-272.3k

safe-mode

rohitg00/pro-workflow

Prevent destructive operations using Claude Code hooks. Three modes — cautious (warn on dangerous commands), lockdown (restrict edits to one directory), and clear (remove restrictions). Uses PreToolUse matchers for Bash, Edit, and Write.

2026-05-272.3k

wiki-viewer

rohitg00/pro-workflow

Render a self-contained HTML viewer for a pro-workflow wiki. Pages, sources, claims, seed queue, page-link graph and full-text search all in one file. No external dependencies, no JS framework, S3-uploadable. Use when the user wants to browse a wiki visually, share its current state with someone, audit research progress, or hand off a knowledge base. Inspired by Thariq Shihipar's "Unreasonable Effectiveness of HTML" — favors information density and shareability over markdown-only outputs.

2026-05-092.3k

learn-rule

rohitg00/pro-workflow

Capture a correction or lesson as a persistent learning rule with category, mistake, and correction. Stores, categorises, and retrieves rules for future sessions. Use after mistakes or when the user says "remember this", "don't forget", "note this", or "learn from this".

2026-05-092.3k

llm-council

rohitg00/pro-workflow

Provider-agnostic multi-LLM deliberation. Three phases — independent responses, cross-model anonymized ranking, chairman synthesis. Provider config from env (OPENAI/ANTHROPIC/FIREWORKS/OPENROUTER/custom OpenAI-compatible base URL). Persists transcript to a wiki page when --wiki <slug> is passed. Use when the user wants multiple AI perspectives, consensus-building, or the "LLM Council" approach for high-stakes reviews, plan critique, or contested learning rules.

2026-05-092.3k

Source

rohitg00

rohitg00/pro-workflow

View GitHub Repository View Creator Repositories

Install command

Download

Run Skill in Manus

Useful forSOC

Software DevelopersComputer and Mathematical Occupations15-1252L4

name	permission-tuner
description	Analyze permission denial patterns and generate optimized alwaysAllow and alwaysDeny rules. Use when permission prompts are slowing you down or after sessions with many denials.

Permission Tuner

Reduce permission prompt fatigue by analyzing denial patterns and suggesting targeted rules.

Trigger

Use when:

Permission prompts interrupt flow repeatedly
Starting a new project and want to configure permissions
After a session with many manual approvals

Workflow

Scan recent session data for permission patterns
Identify frequently-approved tools and patterns
Generate safe alwaysAllow rules
Present rules for approval before applying

Analysis

Step 1: Gather Permission Data

Check current permission rules:

cat .claude/settings.json 2>/dev/null | grep -A 20 "permissions"
cat ~/.claude/settings.json 2>/dev/null | grep -A 20 "permissions"

Step 2: Identify Safe Patterns

Allow-list candidates (low risk):

Read — all file reads (read-only, no side effects)
Glob — file pattern matching (read-only)
Grep — content search (read-only)
Bash(git status) — read-only git commands
Bash(git diff*) — read-only git commands
Bash(git log*) — read-only git commands
Bash(npm test*) — test execution
Bash(npm run lint*) — linting
Bash(npm run typecheck*) — type checking

Ask candidates (medium risk — prompt user every time):

Edit — file modifications
Write — new file creation
Bash(git add*) — staging changes
Bash(git commit*) — creating commits
Bash(npm install*) — dependency changes

Deny-list candidates (high risk):

Bash(git push*) — affects remote
Bash(git reset --hard*) — destructive
Bash(rm -rf*) — destructive
Bash(curl*POST*) — external API calls
Any command with --force or --no-verify

Step 3: Generate Rules

{
  "permissions": {
    "allow": [
      "Read",
      "Glob",
      "Grep",
      "Bash(git status)",
      "Bash(git diff*)",
      "Bash(git log*)",
      "Bash(npm test*)",
      "Bash(npm run lint*)",
      "Bash(npm run typecheck*)"
    ],
    "deny": [
      "Bash(rm -rf *)",
      "Bash(git push --force*)",
      "Bash(git reset --hard*)"
    ]
  }
}

Output

PERMISSION TUNER REPORT

Current rules: [X] allow, [Y] deny, [Z] ask

Recommendations:
  Auto-approve (safe, read-only):
    + Read, Glob, Grep
    + Bash(git status), Bash(git diff*), Bash(git log*)

  Auto-approve (medium risk, frequently used):
    + Edit (approved X times this session)
    + Bash(npm test*) (approved X times)

  Keep asking:
    ~ Bash(git commit*) — verify commit messages
    ~ Write — verify new file creation

  Auto-deny (dangerous):
    - Bash(rm -rf *)
    - Bash(git push --force*)

Estimated prompts saved per session: ~[N]

Rules

Destructive operations must stay in the deny list
Always present rules for user approval before applying
Group rules by risk level (safe/medium/dangerous)
Include estimated prompt savings