allowed-tools

Claude Code

Definition

A skill frontmatter field that whitelists which tools a skill can use during its execution. Enforces the principle of least privilege for skills. Use specific tool names or MCP server patterns (e.g., 'mcp__github__*' allows all GitHub MCP tools).

Example Usage

Set allowed-tools: [read_file, list_directory] for an analysis skill to prevent it from writing files even if asked.

Related Concepts

Skill Frontmatter Configuration

Claude Code & Workflows

context: fork isolates skill execution from main conversation

Tool Distribution & Least Privilege

Tool Design & MCP

Each agent should have only the tools needed for its specific role (4-5 tools, not 18)

Related Terms

Skill Frontmatter Skills (Claude Code)

← Back to Glossary