From appsec-advisor
Preflight Claude Code permission allow-list for the AppSec plugin. Reports missing Bash/Write/Edit/Read rules so unattended threat-model runs don't block. Supports --update to merge entries.
How this skill is triggered — by the user, by Claude, or both
Slash command
/appsec-advisor:check-permissionsThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
You are running a preflight check that tells the user which Claude Code permission rules are still needed for unattended AppSec runs, and optionally writes them into their settings.json. This skill does **not** analyze code, dispatch agents, or modify repository content. It only reads / writes `settings.json` files.
You are running a preflight check that tells the user which Claude Code permission rules are still needed for unattended AppSec runs, and optionally writes them into their settings.json. This skill does not analyze code, dispatch agents, or modify repository content. It only reads / writes settings.json files.
--help / -h — inline help (early exit)If the user's arguments contain --help or -h, delegate to the helper with --help and exit — the helper owns the canonical help text.
Recognized flags:
--repo <path> --output <path> --plugin-dir <path> --scope <scope>
--update --json --help | -h
Parse these and set REPO_ROOT, OUTPUT_DIR, PLUGIN_DIR, SCOPE,
UPDATE_MODE, JSON_MODE. Default REPO_ROOT by resolving the git
repository root (so that the skill works correctly even when invoked from a
subdirectory such as docs/security); default OUTPUT_DIR to
$REPO_ROOT/docs/security; default SCOPE to local.
If the invocation contains any token that is not one of the recognized
flags above — or is not the value consumed by --repo / --output /
--plugin-dir / --scope — DO NOT proceed. Do not invoke the helper.
Print the following block verbatim to stderr, substituting <TOKEN> with
the first unknown token, then exit with status 2:
Error: unknown argument '<TOKEN>'
/appsec-advisor:check-permissions accepts only:
--repo <path> Repository to inspect (default: git repo root of cwd)
--output <path> Output directory (default: <repo>/docs/security)
--plugin-dir <path> Plugin install directory (default: $CLAUDE_PLUGIN_ROOT)
--scope <scope> Settings scope: local | user | project (default: local)
--update Merge missing permission entries into settings.json
--json Emit the result as machine-readable JSON
--help, -h Show full help and exit
Run `/appsec-advisor:check-permissions --help` for details.
A flag that takes a value counts as unknown when its value is missing — treat the flag itself as the offending token. Repeated occurrences of the same flag are allowed; the last value wins.
If --repo was not passed, resolve REPO_ROOT from the git repository root:
if [ -z "$REPO_ROOT" ]; then
REPO_ROOT=$(git rev-parse --show-toplevel 2>/dev/null || pwd)
fi
Delegate to the Python helper that owns the formatting and JSON merging:
ARGS="--repo-root $REPO_ROOT --output-dir $OUTPUT_DIR --plugin-dir $CLAUDE_PLUGIN_ROOT --scope $SCOPE"
[ "$UPDATE_MODE" = "true" ] && ARGS="$ARGS --update"
[ "$JSON_MODE" = "true" ] && ARGS="$ARGS --json"
python3 "$CLAUDE_PLUGIN_ROOT/scripts/check_permissions.py" $ARGS
Capture the helper's exit code and propagate it.
IMPORTANT: print the helper's stdout verbatim and stop. Do NOT add any text before or after it — no summary, no paraphrase, no "All permissions are already configured" sentence, no closing remark of any kind. The helper's output is the complete and final response.
npx claudepluginhub matthiasrohr/appsec-advisorWrites Claude Code permission allow-list into a target repository so that /appsec-advisor:create-threat-model runs without permission prompts. One-shot setup; idempotent.
Audits .claude/settings.local.json permissions for dangerous patterns like hook bypasses (git push:*), destructive commands (rm -rf:*), and config injection vectors. Use periodically, after granting permissions, or for security hygiene.
Provides reference for Claude Code permission modes (default, acceptEdits, plan, dontAsk, bypass), allow/deny lists, pattern matching, and tool categories. Use to configure secure tool access and switch modes runtime.