← Claude Code Hub
✦ Tip #015 Feb 21, 2026

Quick Tip: Automate Skill Permissions with allowed-tools

Use the allowed-tools field in your Claude Code skills to automate tool approval and eliminate repetitive confirmation prompts.

When a skill orchestrates multiple tools — SSH connections, web searches, external APIs, Git — Claude Code asks for approval on each one. For content creation skills, that means dozens of confirmation prompts per run. The allowed-tools field in the frontmatter grants automatic approval only for the tools you specify: selective freedom, not blanket access.

It's the implicit 6th rule of skill design — the other five (description, progressive disclosure, <500 lines, explain the why, evals) live in The 5 rules Anthropic publishes for creating skills. allowed-tools earns its own tip because the syntax has nuances worth mastering before using it in production.

The most practical approach is to discover it backwards: run the skill manually a few times, approve each tool by hand, note the pattern. After 2-3 runs you'll know exactly what it needs. That's when you formalize it in the frontmatter.

Result:

---
name: publish-content
description: Generate and publish content to production
allowed-tools: Read, Write, Bash(ssh *), Bash(git *), mcp__notion__notion-fetch
---

Setup

1. Run the skill without allowed-tools

Each time Claude asks for permission, note two things: the tool name and the exact command. After a few runs you'll have the complete list.

2. Add allowed-tools to the frontmatter

---
name: publish-article
description: Generate and publish a blog article
allowed-tools: Read, Write, Edit, Glob, Grep, WebSearch, WebFetch, Bash(ssh *), Bash(mv *), Bash(git *), mcp__notion__notion-create-pages, mcp__notion__notion-fetch
---

The syntax follows three patterns:

  • Native tools: direct name — Read, Write, WebSearch
  • Bash commands: Bash(pattern *) — the * accepts any argument after the pattern
  • MCP tools: full tool name — mcp__server__tool-name

3. Verify

Invoke the skill. Listed tools run without confirmation. Anything not in the list still requires approval — that's the control you keep.

Reference

Pattern Allows
Read Read any file
Bash(ssh *) Any SSH command
Bash(git *) Any Git operation
Bash(npm run *) Only npm scripts
WebSearch Web searches
mcp__notion__notion-fetch Only Notion fetch tool

For advanced patterns and real-world examples, see the Claude Code skills guide.

Official docs: Extend Claude with skills

Free guide

51 tips to master Claude Code.

One page per tip. Five chapters. What I actually use daily in production — no theory, no fluff.

  • I. Getting started 10 tips
  • II. Awareness 3 tips
  • III. Mastery 22 tips
  • IV. Autonomy 10 tips
  • V. Comparison 6 tips
Are you a professional Web developer?

You'll receive the guide by email · You join the Gravitas newsletter · Unsubscribe anytime

of 51
#

Wmedia · 51 Tips
Free guide · 51 tips · 5 chapters

51 tips to master Claude Code.

Are you a professional Web developer? · Unsubscribe anytime