WingNews logo WingNews
top | item 46636786

Show HN: Control Claude permissions using a cloud-based decision table UI

14 points| sidgarimella | 1 month ago |github.com

We’ve been building visual rule engines (clear spreadsheet interfaces -> API endpoints that map incoming data to a large number of potential outcomes), and had the fun idea lately to see what happens when we use our decision table UI with Claude’s PreToolUse hook.

The result is a surprisingly useful policy/gating layer– these tables let your team:

- Write conditional, exception-friendly policies beyond globs/prefixes (e.g. allow rm -rf only in */node_modules/*, deny / or $HOME, ask if --force or network call; gate kubectl delete / SQL DROP with a clear reason)

- Roll out policy changes instantly (mid-run, flip a risky operation from allow → ask; the next attempt across devs and agents is gated immediately– no git pull or agent restart required)

- Adopt lightweight governance that is somewhat agent agnostic and survives churn (MCP/skills/etc)- just add columns/rules as new tools and metadata show up

- Gain a central utility to understand which tools are being used, which tools get blocked most often, and why

10 comments

order

bflesch|1 month ago

It's hard for me to comprehend how ublock origin blocks a total of 10 different tracking scripts on your website https://rulebricks.com/ and all you can come up with is a small text in the bottom saying "This website may collect cookies to optimize your user experience".

"May collect cookies"? Do you think google makes money by collecting cookies? You are brazenly lying into my face and even using a dark pattern to hide this ridiculously formulated sentence at the bottom of the screen.

Why does your company decide to employ falsehoods and dark patterns at such an obvious place? It erodes any trust.

sidgarimella|1 month ago

The wording has been updated, and we’ll review our instrumentation. Appreciate your feedback.

threecheese|1 month ago

I like the approach, I’ve been looking for something with a UI but not from a corp compliance perspective; as I scale usage of Claude I am finding permission checks to be a huge pain in the neck. In my circle, you can identify someone who uses the heck out of Claude Code by their use of —dangerously-skip-permissions (I did that with fat fingers but without typos, that’s how often I need it).

furyofantares|1 month ago

> I did that with fat fingers but without typos, that’s how often I need it

You mean you don't just have it aliased to "claude" ?

sidgarimella|1 month ago

Guilty as charged

Thoughts on /permissions from the CLI?

sidgarimella|1 month ago

Curious to learn if/how folks are using the PreToolUse hook in their own setup

iqandjoke|1 month ago

Missing a lot critical commands: like passwd, shutdown, etc

sidgarimella|1 month ago

Will extend the decision table template when we can

hrimfaxi|1 month ago

I really find it disingenuous when Show HNs link to a github that is just a landing page to get you to create an account for their service. Multiple clicks to find that free only covers 100 rule evaluations.