[FEATURE] Support command-scoped permissions for custom slash commands
Preflight Checklist
- [x] I have searched existing requests and this feature hasn't been requested yet
- [x] This is a single feature request (not multiple features)
Problem Statement
Description:
I'd like the ability to define permissions that only apply when running a specific custom command (slash command), rather than globally for all Claude interactions in a project.
Use case:
I have a /debug_branch command that creates a git branch, modifies a file, commits, and pushes. I want git operations to auto-approve only when running this specific command, but still require approval for git commands during regular Claude usage.
Proposed Solution
Proposed solution:
Allow permissions to be defined within the command's .md file or in a sibling config file. For example:
# .claude/commands/debug_branch.md
---
permissions:
allow:
- "Bash(git *)"
---
# Debug Branch Command
...
Or alternatively, support a .claude/commands/debug_branch.json config file alongside the .md file.
Alternative Solutions
_No response_
Priority
Medium - Would be very helpful
Feature Category
Interactive mode (TUI)
Use Case Example
_No response_
Additional Context
Why this matters:
- Enables "trusted" automation commands without loosening security globally
- Users can confidently share commands that need elevated permissions without affecting the overall project security posture
- Follows principle of least privilege
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗