Free client-side tool
Claude Code Permissions Profile Builder
Choose a risk posture and allowed tool surface, then copy a settings.json permissions block with explicit allow, ask, and deny rules.
Key facts
Before you copy the output
- Runs offline in the browser and never sends permission rules to a server.
- Uses deny, ask, and allow arrays because Claude Code evaluates deny rules first.
- Includes optional MCP and Agent rules using the canonical permission-rule shape.
Output
Copy the settings.json permissions block
How to use it
- Pick the risk posture that matches the repository and task type.
- Select trusted command families and any MCP or subagent access.
- Copy the generated permissions block into the right settings scope.
- Run Claude Code once after adding settings to catch startup warnings for typos.
Sources checked
Generated output is a starter, not an official policy recommendation. Review commands, paths, and permissions against your own repository before using it.
FAQ
Can a narrow allow override a broad deny?
No. Claude Code permission rules are evaluated deny, then ask, then allow, so a broad deny remains a hard boundary.
Should I deny every MCP tool by default?
That is reasonable for high-risk repos. For ordinary repos, prefer naming the specific MCP server or tool you trust rather than allowing every configured server.