Stats
Actions
Tags
From claude-mods
Initializes Claude Code with pre-configured permissions and rules for modern dev tools (ripgrep, lazygit, zoxide, jq, docker, uv, AI CLIs).
How this skill is triggered — by the user, by Claude, or both
Slash command
/claude-mods:setpermsThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Initialize Claude Code with modern dev-shell-tools for a comfortable development experience.
Initialize Claude Code with modern dev-shell-tools for a comfortable development experience.
Installs complete dev environment setup:
.claude/settings.local.json) - Pre-approved CLI tools.claude/rules/cli-tools.md) - Instructions to prefer modern toolsTools from dev-shell-tools:
Core Tools:
Dev Tools:
AI CLI Tools:
/setperms
|
+-- Check for existing .claude/ files
| +-- If exists: Ask to overwrite or skip
| +-- If not: Proceed
|
+-- Create .claude directory
+-- Create .claude/rules directory
|
+-- Write settings.local.json (permissions)
+-- Ensure .gitignore excludes settings.local.json (secret-safety)
+-- Write rules/cli-tools.md (tool preferences)
ls -la .claude/settings.local.json 2>/dev/null
ls -la .claude/rules/cli-tools.md 2>/dev/null
If files exist, ask user:
mkdir -p .claude/rules
Write to .claude/settings.local.json:
{
"permissions": {
"allow": [
"Bash(git:*)",
"Bash(ls:*)",
"Bash(mkdir:*)",
"Bash(cat:*)",
"Bash(wc:*)",
"Bash(tree:*)",
"Bash(curl:*)",
"Bash(rg:*)",
"Bash(fd:*)",
"Bash(fzf:*)",
"Bash(z:*)",
"Bash(zoxide:*)",
"Bash(br:*)",
"Bash(broot:*)",
"Bash(ast-grep:*)",
"Bash(sg:*)",
"Bash(bat:*)",
"Bash(eza:*)",
"Bash(delta:*)",
"Bash(difft:*)",
"Bash(jq:*)",
"Bash(yq:*)",
"Bash(sd:*)",
"Bash(lazygit:*)",
"Bash(gh:*)",
"Bash(tokei:*)",
"Bash(uv:*)",
"Bash(just:*)",
"Bash(http:*)",
"Bash(procs:*)",
"Bash(hyperfine:*)",
"Bash(npm:*)",
"Bash(npx:*)",
"Bash(node:*)",
"Bash(pnpm:*)",
"Bash(yarn:*)",
"Bash(bun:*)",
"Bash(python:*)",
"Bash(pip:*)",
"Bash(cargo:*)",
"Bash(go:*)",
"Bash(rustc:*)",
"Bash(pytest:*)",
"Bash(make:*)",
"Bash(docker:*)",
"Bash(docker-compose:*)",
"Bash(powershell -Command:*)",
"Bash(powershell.exe:*)",
"Bash(bash:*)",
"Bash(chmod:*)",
"Bash(sort:*)",
"Bash(uniq:*)",
"Bash(cut:*)",
"Bash(tr:*)",
"Bash(xargs:*)",
"Bash(tee:*)",
"Bash(head:*)",
"Bash(tail:*)",
"Bash(diff:*)",
"Bash(tar:*)",
"Bash(zip:*)",
"Bash(unzip:*)",
"Bash(command -v:*)",
"Bash(brew:*)",
"Bash(tldr:*)",
"Bash(dust:*)",
"Bash(btm:*)",
"Bash(bottom:*)",
"Bash(markitdown:*)",
"Bash(firecrawl:*)",
"Bash(gemini:*)",
"Bash(claude:*)",
"Bash(codex:*)",
"Bash(perplexity:*)"
],
"deny": [],
"ask": [
"Bash(git reset --hard:*)",
"Bash(git checkout -- :*)",
"Bash(git clean -f:*)",
"Bash(git stash drop:*)",
"Bash(git stash clear:*)",
"Bash(git restore --worktree:*)",
"Bash(git push --force:*)",
"Bash(git push -f:*)",
"Bash(git push origin --force:*)",
"Bash(git push origin -f:*)",
"Bash(git branch -D:*)"
]
},
"hooks": {}
}
settings.local.json is user-specific and frequently accumulates secrets in
permission rules (an API key baked into a Bash(...) allow entry, a token in a
custom command). It must never reach a remote. Before finishing, ensure the repo
root .gitignore excludes it:
# Add the rule only if it's not already present
grep -qxF '.claude/settings.local.json' .gitignore 2>/dev/null \
|| printf '\n# Local settings (user-specific; may contain API keys)\n.claude/settings.local.json\n' >> .gitignore
# If it was already tracked from a prior commit, stop tracking it (keeps the file)
git ls-files --error-unmatch .claude/settings.local.json >/dev/null 2>&1 \
&& git rm --cached .claude/settings.local.json
Skip silently if the project has no git repo. This pairs with the git-ops
push-safety gate, which also refuses any push that adds .claude/settings.local.json
— defense in depth so a leaked key can't recur.
Write to .claude/rules/cli-tools.md:
# CLI Tool Preferences (dev-shell-tools)
ALWAYS prefer modern CLI tools over traditional alternatives.
## File Search & Navigation
| Instead of | Use | Why |
|------------|-----|-----|
| `find` | `fd` | 5x faster, respects .gitignore |
| `grep` | `rg` (ripgrep) | 10x faster, respects .gitignore |
| `ls` | `eza` | Git status, tree view |
| `cat` | `bat` | Syntax highlighting |
| `cd` + manual | `z`/`zoxide` | Frecent directories |
| `tree` | `eza --tree` | Interactive |
## Data Processing
| Instead of | Use |
|------------|-----|
| `sed` | `sd` |
| Manual JSON | `jq` |
| Manual YAML | `yq` |
## Git Operations
| Instead of | Use |
|------------|-----|
| `git diff` | `delta` or `difft` |
| Manual git | `lazygit` |
| GitHub web | `gh` |
## Code Analysis
- Line counts: `tokei`
- AST search: `ast-grep` / `sg`
- Benchmarks: `hyperfine`
- Disk usage: `dust`
## System Monitoring
| Instead of | Use |
|------------|-----|
| `du -h` | `dust` |
| `top`/`htop` | `btm` (bottom) |
## Documentation
| Instead of | Use |
|------------|-----|
| `man <cmd>` | `tldr <cmd>` |
## Python
| Instead of | Use |
|------------|-----|
| `pip` | `uv` |
| `python -m venv` | `uv venv` |
## Task Running
Prefer `just` over Makefiles.
## Web Fetching
| Priority | Tool | When to Use |
|----------|------|-------------|
| 1 | `WebFetch` | First attempt - fast, built-in |
| 2 | `r.jina.ai/URL` | JS-rendered pages, cleaner extraction |
| 3 | `firecrawl <url>` | Anti-bot bypass, blocked sites |
## AI CLI Tools
For multi-model analysis:
| Tool | Model | Best For |
|------|-------|----------|
| `gemini` | Gemini 2.5 | 2M context, large codebases |
| `claude` | Claude | Coding, analysis |
| `codex` | OpenAI | Deep reasoning |
| `perplexity` | Perplexity | Web search, current info |
## Git Safety
Destructive commands require confirmation (in "ask" list):
| Command | Risk | Safe Alternative |
|---------|------|------------------|
| `git reset --hard` | Loses uncommitted changes | `git stash` first |
| `git checkout -- <file>` | Discards file changes | `git stash` or `git diff` first |
| `git clean -fd` | Deletes untracked files | `git clean -n` (dry run) first |
| `git stash drop` | Permanently deletes stash | Check `git stash list` first |
| `git push --force` | Overwrites remote history | `git push --force-with-lease` |
| `git branch -D` | Deletes unmerged branch | `git branch -d` (safe delete) |
**Before destructive operations:**
1. Check status: `git status`
2. Check for uncommitted changes: `git diff`
3. Consider stashing: `git stash`
4. Use dry-run flags when available
Reference: https://github.com/0xDarkMatter/dev-shell-tools
Report to user:
Initialized Claude Code with dev-shell-tools:
Created:
.claude/settings.local.json (74 tool permissions, 11 guardrails)
.claude/rules/cli-tools.md (modern tool preferences)
Claude will now:
- Auto-approve dev-shell-tools commands
- Prefer fd over find, rg over grep, bat over cat, etc.
- Use AI CLIs for multi-model analysis
- Ask before destructive git commands (reset --hard, push --force, etc.)
To customize: edit files in .claude/
To add to git: git add .claude/
| Flag | Effect |
|---|---|
--force | Overwrite existing without asking |
--perms-only | Only install permissions, skip rules |
--rules-only | Only install rules, skip permissions |
--minimal | Minimal permissions (git, ls, cat, mkdir only) |
--full | Add cloud/container tools (docker, kubectl, terraform, etc.) |
--no-guardrails | Skip git safety guardrails (empty "ask" list) |
Adds to permissions:
"Bash(podman:*)",
"Bash(kubectl:*)",
"Bash(helm:*)",
"Bash(terraform:*)",
"Bash(pulumi:*)",
"Bash(aws:*)",
"Bash(gcloud:*)",
"Bash(az:*)",
"Bash(wrangler:*)",
"Bash(flyctl:*)",
"Bash(railway:*)"
~/.claude/ still applynpx claudepluginhub 0xdarkmatter/claude-mods --plugin claude-modsConfigures Claude Code permissions: tool rules (allow/deny/ask), modes (plan/dontAsk/bypass), sandboxing. Use for Bash/Edit/WebFetch policies, debugging prompts, org managed settings.
Explains Claude Code settings hierarchy, permission wildcards, allow/deny patterns, and tool configurations. Use for setting up project permissions, debugging access issues, or understanding tool blocks.
Configures Claude Code security settings with permission wildcards, shell operator protections, and project-level access controls. Use for securing tools like Bash and workflows.