Feature: per-command scoped permissions

Resolved 💬 3 comments Opened Feb 26, 2026 by emilmalmsten Closed Mar 1, 2026

Feature Request

Allow scoping permission rules to specific slash commands (skills).

Problem

Currently, the allow/deny lists in settings.local.json apply globally to all commands. There's no way to grant a specific slash command additional permissions without granting them to every command.

Use Case

For example, a /deploy command might need Bash(docker *) permissions, but I don't want every command to have access to Docker. Today, the only options are:

  1. Allow it globally (too permissive)
  2. Leave it denied and get prompted every time (friction)

Proposed Solution

Support scoped permissions in the settings file, something like:

{
  "permissions": {
    "allow": ["Glob", "Grep", "Read"],
    "commands": {
      "deploy": {
        "allow": ["Bash(docker *)"]
      },
      "allow-permission": {
        "allow": ["Edit(.claude/settings.local.json)"]
      }
    }
  }
}

When a slash command runs, its scoped permissions would be merged with the global ones. This would allow giving specific commands elevated access without broadly opening up permissions.

Alternatives Considered

  • Documenting restrictions in the skill prompt (relies on LLM compliance, not enforced)
  • Keeping commands out of global allow and approving manually each time (adds friction)

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗