update-allowed-tools

仓库: vinta/hal-9000
安装量: 45
排名: #16487

安装

npx skills add https://github.com/vinta/hal-9000 --skill update-allowed-tools
Overview
Analyzes a skill's full content -- SKILL.md and any sibling files in the same directory -- to find tools it references or requires, then compares against the skill's
allowed-tools
frontmatter to find missing entries.
Usage
/update-allowed-tools
/update-allowed-tools @path/to/SKILL.md
Instructions
Parse argument
The argument is either a file path to a SKILL.md file, or a skill name/description. If no file path is provided, search for the skill using Glob — first in the current working directory (e.g.,
/skills///SKILL.md
), then in
~/.claude/skills/**//SKILL.md
.
Read the skill file
and separate the YAML frontmatter from the body content. Also read any other files in the same directory (sibling files referenced by or bundled with the skill).
Extract declared allowed-tools
Parse all entries under
allowed-tools:
in the frontmatter.
Scan all skill content
(SKILL.md body + sibling files) for tool usage. Look for:
Explicit tool names: e.g.,
Read
,
Write
,
Edit
,
Bash
,
WebFetch
,
WebSearch
,
Task
,
AskUserQuestion
,
Skill
, etc.
Bash command patterns: e.g.,
git diff
,
git commit
,
make
,
npm
,
docker
,
python
,
curl
, etc.
For Bash commands found, the required allowed-tool format is
Bash(:*)
(e.g.,
git stash push
needs
Bash(git stash:*)
)
For file tools with path patterns (Read, Write, Edit), note the paths referenced (e.g.,
/tmp/
needs
Read(//tmp/**)
)
Skill invocations: e.g.,
commit
,
Use the commit skill
,
Skill(commit)
. The required allowed-tool format is
Skill()
(e.g.,
commit
needs
Skill(commit)
)
Compare
For each tool detected in the body, check if it's covered by an entry in
allowed-tools
. Rules:
Glob
,
Grep
,
Read
,
Write
,
Edit
are available by default for files within the project directory. Only add these when the skill needs to access files
outside
the project (e.g.,
Read(//tmp/**)
,
Write(~/.config/**)
).
Bash
commands always need explicit
Bash(:*)
entries.
A Bash pattern covers subcommands (e.g.,
Bash(git stash:*)
covers
git stash push
).
Exact match counts as covered (e.g.,
WebSearch
matches
WebSearch
).
Update the skill file
For any missing tools found, add them to the
allowed-tools
list in the skill's YAML frontmatter using the Edit tool. Then report what was added.
Validate
Re-read the updated file to confirm YAML frontmatter remains syntactically valid (proper indentation, no duplicate entries, correct list format).
返回排行榜