[FEATURE] Agent-specific file permissions for specialized agents

Resolved 💬 3 comments Opened Jan 30, 2026 by nazps Closed Feb 3, 2026

Preflight Checklist

  • [x] I have searched existing requests and this feature hasn't been requested yet
  • [x] This is a single feature request (not multiple features)

Problem Statement

Problem

Currently, Claude Code's permission system is file-based, not agent-based. When a user grants write permission to a file (e.g., clients.csv), any agent or tool can write to that file without restriction. This creates security and data integrity concerns when using specialized agents with specific responsibilities.

Proposed Solution

Add agent-scoped permissions that allow users to grant file access to specific agents:

Permission Request:
Agent "crm-manager" is requesting WRITE access to clients.csv

[ ] Grant to this agent only
[ ] Grant to all agents (current behavior)
[ ] Deny

Or in configuration:
"permissions": {
"clients.csv": {
"write": ["crm-manager"]
}
}

Alternative Solutions

  • Manual approval each time (tedious and error-prone)
  • Custom validation hooks (complex and not built-in)
  • Separate files for each agent (breaks normalized data structure)

Priority

High - Significant impact on productivity

Feature Category

CLI commands and flags

Use Case Example

Use Case

I have a crm-manager agent that is specifically designed to handle all CRM operations on clients.csv. Other agents in my workflow (like process-orchestrator, precheck-analyst, etc.) should NOT have write access to this file, as the crm-manager is the only agent with the proper logic and validation to safely modify client data.

Current Limitation

When the crm-manager agent requests write permission to clients.csv:

  • I can approve it, but this grants write permission to ALL agents/tools
  • I can deny it, but then the crm-manager cannot function
  • There's no way to grant permission specifically to the crm-manager agent only

Additional Context

_No response_

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗