{
  "$schema": "https://json.schemastore.org/claude-code-settings.json",
  "permissions": {
    "allow": [
      "Bash(go *)",
      "Bash(make *)",
      "Bash(git status)",
      "Bash(git diff *)",
      "Bash(git log *)",
      "Bash(git branch *)",
      "Bash(git fetch *)",
      "Bash(git pull *)",
      "Bash(git remote -v)",
      "Bash(podman *)",
      "Bash(podman-compose *)",
      "Bash(docker *)",
      "Bash(docker-compose *)",
      "Bash(xmlstarlet *)",
      "Bash(jq *)",
      "Bash(ls *)",
      "Bash(cat *)",
      "Bash(grep *)",
      "Bash(find *)",
      "Bash(npm run *)",
      "Bash(npx *)",
      "Bash(./scripts/*)"
    ],
    "deny": [
      "Bash(rm -rf /*)",
      "Bash(rm -rf ~)",
      "Bash(rm -rf $HOME)",
      "Bash(sudo *)",
      "Bash(dd *)",
      "Bash(mkfs *)",
      "Bash(curl * | sh)",
      "Bash(curl * | bash)",
      "Bash(wget * | sh)",
      "Bash(wget * | bash)",
      "Read(/etc/cryptopro/**)",
      "Read(/var/cryptopro/**)",
      "Read(/etc/ipsec.d/**)",
      "Read(/root/**)",
      "Read(/home/admin/**)",
      "Write(/etc/**)",
      "Write(/var/**)",
      "Write(/root/**)",
      "Write(/home/admin/**)"
    ]
  }
}