Really useful guide, Avi. Quick question that's been on my mind.
The deny list in settings.json works well when a human is driving. But when Claude Code runs as an agent (headless, CI pipelines, automated workflows), a deny list isn't enough. The agent has Bash access, it can get creative.
We built OneCLI (https://github.com/onecli/onecli) around this problem. Proxy layer that swaps placeholder tokens for real creds at the network level, so the agent never touches actual secrets.
But beyond credentials, do you think the entire .claude/ config should look different for agent mode vs human mode? Different rules, different permissions, maybe even different skills that activate? Would love to hear your take. (onecli.sh)
"Custom commands have been merged into skills. A file at .claude/commands/deploy.md and a skill at .claude/skills/deploy/SKILL.md both create /deploy and work the same way. Your existing .claude/commands/ files keep working. Skills add optional features: a directory for supporting files, frontmatter to control whether you or Claude invokes them, and the ability for Claude to load them automatically when relevant."
This is awesome! May I ask how/what you create your graphics with? I find them super helpful and would love to do something similar in my own projects.
Really useful guide, Avi. Quick question that's been on my mind.
The deny list in settings.json works well when a human is driving. But when Claude Code runs as an agent (headless, CI pipelines, automated workflows), a deny list isn't enough. The agent has Bash access, it can get creative.
We built OneCLI (https://github.com/onecli/onecli) around this problem. Proxy layer that swaps placeholder tokens for real creds at the network level, so the agent never touches actual secrets.
But beyond credentials, do you think the entire .claude/ config should look different for agent mode vs human mode? Different rules, different permissions, maybe even different skills that activate? Would love to hear your take. (onecli.sh)
This is good, but no need to separate out Commands now that they have been merged with Skills.
https://code.claude.com/docs/en/slash-commands#skill-tool
"Custom commands have been merged into skills. A file at .claude/commands/deploy.md and a skill at .claude/skills/deploy/SKILL.md both create /deploy and work the same way. Your existing .claude/commands/ files keep working. Skills add optional features: a directory for supporting files, frontmatter to control whether you or Claude invokes them, and the ability for Claude to load them automatically when relevant."
This is awesome! May I ask how/what you create your graphics with? I find them super helpful and would love to do something similar in my own projects.