Allow skill-scoped permission overrides
Resolved 💬 3 comments Opened Mar 31, 2026 by LetsAppPro Closed May 10, 2026
Feature Request
Skills should be able to define permission overrides that only apply while that skill is executing, without affecting the global session permissions.
Use Case
A /release skill that bumps package.json, writes to CHANGELOG.md, and runs ship commands is predictable and safe — but currently requires either:
- Clicking "Yes, allow all edits this session" each time the skill runs
- Setting
defaultMode: "acceptEdits"globally, which auto-allows all edits in all contexts
Neither option is ideal. The skill author knows exactly which tools and files the skill will touch, so it should be able to declare that.
Proposal
Allow a permissions block in the skill frontmatter or definition that scopes permission overrides to that skill's execution:
permissions:
allow:
- Edit
- Write
When the skill finishes, permissions revert to the session/global defaults.
Why This Matters
- Skills are authored by the user — they already trust the skill's behavior
- Prompting for expected, routine edits adds friction without adding safety
- Global permission escalation is too broad a trade-off for a scoped task
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗