cc-permissions

cc-permissions

Thoughtful permission configs for Claude Code without the container overhead.

Claude Code users face a frustrating choice: run in a Docker sandbox with --dangerously-skip-permissions for convenience, or run natively and deal with constant permission prompts.

This tool offers a middle ground. Generate permission configurations tailored to your workflow, reducing prompt fatigue while maintaining control over what Claude Code can do.

⚠️ Warning: This approach is inherently less safe than a fully isolated environment. You're trading sandbox protection for convenience. ⚠️

Getting started

The fastest way to get going:

npx cc-permissions apply

This analyzes your project, detects relevant templates, and applies permissions to .claude/settings.json.

Want to see what would be applied first?

npx cc-permissions

Or install globally to use without npx:

npm install -g cc-permissions

Then run: cc-permissions apply

Or use as slash command via a Claude Code plugin:

# Add the marketplace
claude plugin marketplace add DanielCarmingham/cc-permissions

# Install the plugin
claude plugin install cc-permissions@DanielCarmingham-cc-permissions

# Update to latest version
claude plugin update cc-permissions@DanielCarmingham-cc-permissions

# Uninstall
claude plugin uninstall cc-permissions@DanielCarmingham-cc-permissions

Then use /cc-permissions:analyze, /cc-permissions:apply, and other slash commands directly in Claude Code.

Note: Third-party plugins don't auto-update by default. Run claude plugin update from your terminal to get new versions, or enable auto-update via /plugin → Marketplaces → select marketplace → Enable auto-update.

How it works

Permissions are organized into templates and levels.

Templates group commands by technology. Use nodejs for npm/yarn/pnpm commands, python for pip and pytest, docker for container operations, and so on. Combine them freely:

cc-permissions apply nodejs,python,docker

Levels control how permissive each template is:

Level	What it allows
restrictive	Read-only operations (list, status, info)
standard	Development workflow (run, build, test)
permissive	Broader access (install, publish, remove)

Levels are cumulative. standard includes everything from restrictive, and permissive includes everything from standard.

# Safe exploration mode
cc-permissions apply nodejs --level restrictive

# Normal development (default)
cc-permissions apply nodejs

# Trusted project, full access
cc-permissions apply nodejs --level permissive

Templates

General

Template	Description
shell	Basic shell and filesystem commands

IDE Integration

Template	Description
vscode-mcp	VS Code IDE MCP tools for Claude Code integration

Version Control

Template	Description
git	Git version control
gitea	Gitea CLI (tea) for repository and workflow management
gitea-mcp	Gitea MCP Server tools for repository and workflow management
github	GitHub CLI (gh) for repository and workflow management
github-mcp	GitHub MCP Server tools for repository and workflow management
gitlab	GitLab CLI (glab) for repository and workflow management
gitlab-mcp	GitLab MCP Server tools for repository and workflow management

Languages & Runtimes

Template	Description
bun	Bun runtime and package manager
dotnet	dotnet CLI, NuGet, MSBuild
go	Go development and golangci-lint
java	Java and JVM runtime
nodejs	Node.js, npm, and npx
php	PHP, Composer, and Laravel Artisan
pnpm	pnpm package manager
python	pip, python, venv, pytest, and common data tools
ruby	Ruby, Bundler, Rails, and Rake
rust	Cargo, rustc, and rustup
typescript	TypeScript compiler (tsc)
yarn	Yarn package manager

Build Tools

Template	Description
gradle	Gradle build tool and wrapper
maven	Apache Maven build tool

Cloud Providers