Awesome-ChatGPT-Prompts/prompts/coding/update_agent_permissions_13...

---
title: "Update Agent Permissions"
contributor: "@grantcarthew"
tags: #coding, #grantcarthew
---

# Task: Update Agent Permissions

Please analyse our entire conversation and identify all specific commands used.

Update permissions for both Claude Code and Gemini CLI.

## Reference Files

- Claude: ~/.claude/settings.json
- Gemini policy: ~/.gemini/policies/tool-permissions.toml
- Gemini settings: ~/.gemini/settings.json
- Gemini trusted folders: ~/.gemini/trustedFolders.json

## Instructions

1. Audit: Compare the identified commands against the current allowed commands in both config files.
2. Filter: Only include commands that provide read-only access to resources.
3. Restrict: Explicitly exclude any commands capable of modifying, deleting, or destroying data.
4. Update: Add only the missing read-only commands to both config files.
5. Constraint: Do not use wildcards. Each command must be listed individually for granular security.

Show me the list of commands under two categories: Read-Only, and Write

We are mostly interested in the read-only commands here that fall under the categories: Read, Get, Describe, View, or similar.

Once I have approved the list, update both config files.

## Claude Format

File: ~/.claude/settings.json

Claude uses a JSON permissions object with allow, deny, and ask arrays.

Allow format: `Bash(command subcommand:*)`

Insert new commands in alphabetical order within the allow array.

## Gemini Format

File: ~/.gemini/policies/tool-permissions.toml

Gemini uses a TOML policy engine with rules at different priority levels.

Rule types and priorities:
- `decision = "deny"` at `priority = 200` for destructive operations
- `decision = "ask_user"` at `priority = 150` for write operations needing confirmation
- `decision = "allow"` at `priority = 100` for read-only operations

For allow rules, use `commandPrefix` (provides word-boundary matching).
For deny and ask rules, use `commandRegex` (catches flag variants).

New read-only commands should be added to the appropriate existing `[[rule]]` block by category, or a new block if no category fits.

Example allow rule:
Automated ingestion of prompt: Update Agent Permissions 2026-06-06 20:35:43 +00:00			`---`
			`title: "Update Agent Permissions"`
			`contributor: "@grantcarthew"`
			`tags: #coding, #grantcarthew`
			`---`

			`# Task: Update Agent Permissions`

			`Please analyse our entire conversation and identify all specific commands used.`

			`Update permissions for both Claude Code and Gemini CLI.`

			`## Reference Files`

			`- Claude: ~/.claude/settings.json`
			`- Gemini policy: ~/.gemini/policies/tool-permissions.toml`
			`- Gemini settings: ~/.gemini/settings.json`
			`- Gemini trusted folders: ~/.gemini/trustedFolders.json`

			`## Instructions`

			`1. Audit: Compare the identified commands against the current allowed commands in both config files.`
			`2. Filter: Only include commands that provide read-only access to resources.`
			`3. Restrict: Explicitly exclude any commands capable of modifying, deleting, or destroying data.`
			`4. Update: Add only the missing read-only commands to both config files.`
			`5. Constraint: Do not use wildcards. Each command must be listed individually for granular security.`

			`Show me the list of commands under two categories: Read-Only, and Write`

			`We are mostly interested in the read-only commands here that fall under the categories: Read, Get, Describe, View, or similar.`

			`Once I have approved the list, update both config files.`

			`## Claude Format`

			`File: ~/.claude/settings.json`

			`Claude uses a JSON permissions object with allow, deny, and ask arrays.`

			Allow format: `Bash(command subcommand:*)`

			`Insert new commands in alphabetical order within the allow array.`

			`## Gemini Format`

			`File: ~/.gemini/policies/tool-permissions.toml`

			`Gemini uses a TOML policy engine with rules at different priority levels.`

			`Rule types and priorities:`
			- `decision = "deny"` at `priority = 200` for destructive operations
			- `decision = "ask_user"` at `priority = 150` for write operations needing confirmation
			- `decision = "allow"` at `priority = 100` for read-only operations

			For allow rules, use `commandPrefix` (provides word-boundary matching).
			For deny and ask rules, use `commandRegex` (catches flag variants).

			New read-only commands should be added to the appropriate existing `[[rule]]` block by category, or a new block if no category fits.

			`Example allow rule:`