xr-agent-permissions

Unified permission management for Claude Code, Gemini CLI, and Codex CLI. Use this skill whenever the user wants to manage, view, sync, add, or remove permission rules across AI coding agents. Trigger on: 管理 agent 权限, 同步权限配置, 添加/删除权限规则, 查看权限, /agent-permissions, or any mention of managing allow/deny/block rules for claude/gemini/codex CLI tools.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "xr-agent-permissions" with this command: npx skills add surmrf/skills/surmrf-skills-xr-agent-permissions

Agent Permissions Manager

Unified permission management across three AI CLI tools:

  • Claude Code: ~/.claude/settings.json
  • Gemini CLI: ~/.gemini/settings.json
  • Codex CLI: ~/.codex/config.toml

Format Differences

Each tool uses a different rule format. When converting a command (e.g., git log):

ToolAllow exampleDeny example
Claude CodeBash(git log *)entry in permissions.deny
Gemini CLIgit logentry in sandbox.blockedCommands
Codex CLI^git log( .*)?$ with decision = "allow"same pattern with decision = "forbidden"

Use scripts/permissions.sh for all reads and writes — never hand-edit the TOML/JSON directly without it, as TOML [[shell_rules]] arrays require careful handling.

Workflow

View current permissions

Run:

sh ~/.agents/skills/xr-agent-permissions/scripts/permissions.sh show

This prints a unified table of allow/deny rules across all three tools.

Add a rule

Ask the user for:

  1. The command pattern (e.g., git log, or a full regex/glob if they're specific)
  2. The decision: allow or deny

Then run:

sh ~/.agents/skills/xr-agent-permissions/scripts/permissions.sh add --command "git log" --decision allow
sh ~/.agents/skills/xr-agent-permissions/scripts/permissions.sh add --command "curl" --decision deny

The script auto-converts the command into each tool's native format.

Remove a rule

Ask the user which command to remove and from which decision list (allow/deny):

sh ~/.agents/skills/xr-agent-permissions/scripts/permissions.sh remove --command "git log" --decision allow

Sync (overwrite all rules)

When the user provides a full list of allow/deny rules to replace the existing ones:

sh ~/.agents/skills/xr-agent-permissions/scripts/permissions.sh sync \
  --allow "git log" "git status" "npm run" \
  --deny "sudo" "rm -rf" "curl"

This replaces only the permission-managed entries in all three config files, leaving other settings untouched.

Conversion Rules

When the user provides a plain command string, convert as follows:

Claude Code (permissions.allow / permissions.deny):

  • Prefix with Bash( and append *) for commands that take arguments
  • Single-word commands with no typical args: Bash(whoami), Bash(pwd)
  • Example: git logBash(git log *)

Gemini CLI (sandbox.allowedCommands / sandbox.blockedCommands):

  • Use the plain command string as-is (prefix match)
  • Example: git log"git log"

Codex CLI ([[shell_rules]] with pattern + decision):

  • Wrap in ^...$ regex, append ( .*)? to allow optional arguments
  • Example: git log^git log( .*)?$
  • allowdecision = "allow", denydecision = "forbidden"

After Changes

Always run show after making changes so the user can verify the result:

sh ~/.agents/skills/xr-agent-permissions/scripts/permissions.sh show

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Coding

frontend-design

Create distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, artifacts, posters, or applications (examples include websites, landing pages, dashboards, React components, HTML/CSS layouts, or when styling/beautifying any web UI). Generates creative, polished code and UI design that avoids generic AI aesthetics.

Repository SourceNeeds Review
163.8K95.1Kanthropics
Coding

remotion-best-practices

Use this skills whenever you are dealing with Remotion code to obtain the domain-specific knowledge.

Repository SourceNeeds Review
149.9K2.2Kremotion-dev
Coding

azure-ai

Service Use When MCP Tools CLI

Repository SourceNeeds Review
137.5K156microsoft
Coding

azure-deploy

AUTHORITATIVE GUIDANCE — MANDATORY COMPLIANCE

Repository SourceNeeds Review
137.1K156microsoft