Skip to content

Declarative Claude Code config: skills, settings, permissions, and stop hook#74

Open
bphenriques wants to merge 2 commits intomainfrom
claude/setup-prompt-templates-yKr5I
Open

Declarative Claude Code config: skills, settings, permissions, and stop hook#74
bphenriques wants to merge 2 commits intomainfrom
claude/setup-prompt-templates-yKr5I

Conversation

@bphenriques
Copy link
Copy Markdown
Owner

@bphenriques bphenriques commented Mar 25, 2026
edited
Loading

Summary

  • Replace the single code-reviewer agent with four user-invocable skills: /review-code, /review-security, /design-review, and /deep-plan
  • Add declarative settings managed via home-manager: default model (opus), permissions, and hooks
  • Pre-approve safe read-only tools (Read, Glob, Grep, Agent) and common commands (git *, nix *, home-manager *, nixos-rebuild *) to reduce permission prompts
  • Move the stop hook (git hygiene check) from manually-placed /root/.claude/ into Nix as claude-code-stop-hook.sh

Why skills over agents

Skills are user-invoked slash commands (/review-code) — matches the workflow of explicitly choosing a review persona. Agents are auto-delegated by Claude during conversations, which isn't the use case here. Each skill accepts $ARGUMENTS for context-specific variations (e.g., /review-code focus on Nix module patterns).

What's configured

Setting Value Rationale
Default model opus Preferred for deep thinking; switch to sonnet mid-session for execution
Allowed tools Read, Glob, Grep, Agent, Skill Safe read-only tools that don't need prompting
Allowed commands git *, nix *, home-manager *, nixos-rebuild * Common daily commands
Stop hook Git uncommitted/unpushed check Prevents losing work when session ends

Skills overview

Skill Purpose Tools
/review-code Deep code review: correctness, idioms, simplicity, architecture Read, Grep, Glob, Bash
/review-security Pragmatic security review with OWASP-style checklist Read, Grep, Glob, Bash
/design-review Enterprise architecture review for technical design docs Read, Grep, Glob, Bash, WebSearch, WebFetch
/deep-plan Structured implementation planning with trade-offs and steps Read, Grep, Glob, Bash, WebSearch, WebFetch

Test plan

  • Apply config with home-manager switch and verify ~/.claude/skills/ contains the four skill directories with SKILL.md files
  • Verify ~/.claude/settings.json contains the model, permissions, and hooks config
  • Open a Claude Code session and confirm /review-code, /review-security, /design-review, /deep-plan autocomplete
  • Verify read-only tools and git/nix commands no longer prompt for permission
  • Test stop hook: make a change without committing, then let Claude finish — should block

https://claude.ai/code/session_011WgapntT1iuzZE784p9AdL

claude added 2 commits March 25, 2026 20:35
@claude
Replace claude-code agent with reusable skill templates
815a4aa 
Replace the single code-reviewer agent with four user-invocable skills:
/review-code, /review-security, /design-review, and /deep-plan.
Skills are slash commands that avoid rewriting the same persona prompts
repeatedly and accept $ARGUMENTS for context-specific variations.

https://claude.ai/code/session_011WgapntT1iuzZE784p9AdL
@claude
Add settings, permissions, and stop hook to claude-code config
9d1f19c 
Manage all Claude Code configuration declaratively via home-manager:
- Default model set to opus
- Pre-approve safe read-only tools and common commands (git, nix)
- Move stop hook (git hygiene check) from manual /root/.claude/ into Nix

https://claude.ai/code/session_011WgapntT1iuzZE784p9AdL
@bphenriques bphenriques changed the title Replace claude-code agent with reusable skill templates Declarative Claude Code config: skills, settings, permissions, and stop hook Mar 25, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bphenriques @claude