Skip to content

fix: add missing allowed-tools to 5 commands that need tool access#185

Open
xiaolai wants to merge 1 commit intoComposioHQ:masterfrom
xiaolai:fix/nlpm-commands-allowed-tools
Open

fix: add missing allowed-tools to 5 commands that need tool access#185
xiaolai wants to merge 1 commit intoComposioHQ:masterfrom
xiaolai:fix/nlpm-commands-allowed-tools

Conversation

@xiaolai
Copy link
Copy Markdown

@xiaolai xiaolai commented Apr 21, 2026

Automated audit: This PR was generated by NLPM, a natural language programming linter, running via claude-code-action. Please evaluate the diff on its merits.

Bug

Five commands declared no allowed-tools in their frontmatter. In Claude Code, a command with no allowed-tools cannot make any tool calls — all tool use is denied. This means each of these commands is broken: their described workflows silently fail at the first tool call.

Command Missing tools Impact
pr-review/commands/pr-review.md Bash(git:*), Bash(gh:*), Read, Glob, Grep Cannot read diff or fetch PR data
commit/commands/commit.md Bash(git:*), Bash(npm:*), Bash(yarn:*), Bash(pnpm:*) Cannot run pre-commit checks or execute git commit
create-pr/commands/create-pr.md Bash(git:*), Bash(gh:*), Bash(biome:*), Read, Glob Cannot create branch, format files, or open PR
documentation-generator/commands/documentation-generator.md Read, Write, Edit, Glob, Grep Cannot read any source files to generate docs
bug-fix/commands/bug-fix.md Bash(git:*), Bash(gh:*), Read, Write, Edit, Glob, Grep Cannot create issue, checkout branch, commit, or push

Fix

Added allowed-tools to each command's frontmatter, scoped to the tools their body actually requires:

  • pr-review: reads git history and gh PR data, searches code
  • commit: runs package manager lint/build scripts and git operations
  • create-pr: git branch/commit/push, biome format, gh PR creation, reads files
  • documentation-generator: reads source files, writes/edits documentation output
  • bug-fix: git checkout/commit/push, gh issue/PR creation, reads and edits code

The tool lists are minimal — each entry is justified by a concrete operation described in the command body.

Impact

Without this fix, users invoking any of these commands get silent failures: the command body runs but all tool calls are rejected. With allowed-tools declared, the permissions contract is explicit and the commands can actually perform their described workflows.

@claude @claude
fix: add missing allowed-tools to commands that need tool access
d69ecf3 
Five commands declared no allowed-tools in their frontmatter, meaning
Claude Code would deny all tool calls within those commands. Each command
describes operations that require specific tools to function:

- pr-review: reads git diff and gh PR data — needs Bash(git:*), Bash(gh:*), Read, Glob, Grep
- commit: runs linting/build pre-hooks and git commit — needs Bash(git:*), Bash(npm:*), Bash(yarn:*), Bash(pnpm:*)
- create-pr: creates branch, formats with Biome, pushes, opens PR — needs Bash(git:*), Bash(gh:*), Bash(biome:*), Read, Glob
- documentation-generator: reads source files to generate docs — needs Read, Write, Edit, Glob, Grep
- bug-fix: creates GH issue, checks out branch, commits, pushes, opens PR — needs Bash(git:*), Bash(gh:*), Read, Write, Edit, Glob, Grep

Co-Authored-By: Claude Code <noreply@anthropic.com>
This was referenced Apr 21, 2026
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@xiaolai