feat: Enhance introspect, expand setperms, remove templates (v2.2.0)

- /introspect now generates Session Insights: workflow improvements,
  skill suggestions, and ready-to-paste permission configs
- /setperms default template expanded from 51 to 74 tool permissions
- Removed claude-code-templates (replaced by Anthropic's skill-creator)
- Install scripts auto-clean templates from existing installs

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "claude-mods",
-  "version": "2.1.0",
+  "version": "2.2.0",
   "description": "Custom commands, skills, and agents for Claude Code - session continuity, 22 expert agents, 65 skills, 3 commands, 5 rules, 3 hooks, 4 output styles, modern CLI tools",
   "author": "0xDarkMatter",
   "repository": "https://github.com/0xDarkMatter/claude-mods",
@@ -55,7 +55,6 @@
       "skills/claude-code-debug",
       "skills/claude-code-headless",
       "skills/claude-code-hooks",
-      "skills/claude-code-templates",
       "skills/cli-ops",
       "skills/code-stats",
       "skills/container-orchestration",

README.md

@@ -22,8 +22,13 @@ From Python async patterns to Rust ownership models, from AWS Fargate deployment
 
 ## Recent Updates
 
+**v2.2.0** (March 2026)
+- 🔍 **`/introspect` enhanced** - Now generates Session Insights after every analysis: workflow improvements, skill suggestions, and ready-to-paste permission configs to reduce interruptions. Scales recommendations to session size.
+- 🔧 **`/setperms` expanded** - Default template now includes 74 tool permissions (was 51): docker, cargo, go, pytest, npx, pnpm, yarn, bun, make, archive tools, data utilities.
+- 🗑️ **`claude-code-templates` removed** - Redundant with Anthropic's first-party `skill-creator`. Install scripts auto-clean existing installs.
+
 **v2.1.0** (March 2026)
-- 🔁 **`/iterate` skill** - Autonomous improvement loop inspired by [Karpathy's autoresearch](https://github.com/karpathy/autoresearch). Define a goal, scope, and mechanical metric - the agent loops autonomously: modify, measure, keep or discard, repeat. Works for any domain (test coverage, bundle size, performance, ML training, code quality). 65 skills total.
+- 🔁 **`/iterate` skill** - Autonomous improvement loop inspired by [Karpathy's autoresearch](https://github.com/karpathy/autoresearch). Define a goal, scope, and mechanical metric - the agent loops autonomously: modify, measure, keep or discard, repeat. Works for any domain (test coverage, bundle size, performance, ML training, code quality).
 
 **v2.0.0** (March 2026)
 - 🚀 **64 skills** - 22 new `-ops` skills covering React, Vue, JavaScript, Go, Rust, TypeScript, Docker, CI/CD, API design, PostgreSQL, Astro, Laravel, Nginx, Auth, Monitoring, Debug, MCP, Tailwind, Migrate, Refactor, Scaffold, Perf, Log analysis

scripts/install.ps1

@@ -40,7 +40,8 @@ $deprecated = @(
     "$claudeDir\commands\testgen.md",
     "$claudeDir\commands\conclave.md",
     "$claudeDir\commands\pulse.md",
-    "$claudeDir\skills\conclave"
+    "$claudeDir\skills\conclave",
+    "$claudeDir\skills\claude-code-templates"   # Replaced by skill-creator
 )
 
 # Renamed skills: -patterns -> -ops (March 2026)

scripts/install.sh

@@ -41,7 +41,8 @@ deprecated_items=(
     "$CLAUDE_DIR/commands/pulse.md"       # Now a skill only
 
     # Removed skills
-    "$CLAUDE_DIR/skills/conclave"         # Deprecated
+    "$CLAUDE_DIR/skills/conclave"                # Deprecated
+    "$CLAUDE_DIR/skills/claude-code-templates"   # Replaced by skill-creator
 )
 
 # Renamed skills: -patterns -> -ops (March 2026)

skills/claude-code-templates/SKILL.md

@@ -1,118 +0,0 @@
----
-name: claude-code-templates
-description: "Boilerplate templates for Claude Code extensions. Triggers on: create agent, new skill, command template, hook script, extension scaffold."
-compatibility: "Claude Code CLI"
-allowed-tools: "Read Write"
-depends-on: []
-related-skills: [claude-code-hooks, claude-code-debug]
----
-
-# Claude Code Templates
-
-Starter templates for building Claude Code extensions.
-
-## Template Selection
-
-| Building | Template | Key Features |
-|----------|----------|--------------|
-| Expert persona | `agent-template.md` | Focus areas, quality checklist, references |
-| Tool capability | `skill-template.md` | Commands, examples, triggers |
-| User workflow | `command-template.md` | Execution flow, options |
-| Automation | `hook-script.sh` | Input parsing, exit codes |
-
-## Quick Start
-
-### Create an Agent
-
-```bash
-# Copy template
-cp ~/.claude/skills/claude-code-templates/assets/agent-template.md \
-   ~/.claude/agents/my-expert.md
-
-# Edit: name, description, focus areas, references
-```
-
-### Create a Skill
-
-```bash
-# Create skill directory
-mkdir -p ~/.claude/skills/my-skill
-
-# Copy template
-cp ~/.claude/skills/claude-code-templates/assets/skill-template.md \
-   ~/.claude/skills/my-skill/SKILL.md
-
-# Edit: name, description, commands, examples
-```
-
-### Create a Command
-
-```bash
-# Copy template
-cp ~/.claude/skills/claude-code-templates/assets/command-template.md \
-   ~/.claude/commands/my-command.md
-
-# Edit: name, description, execution flow
-```
-
-### Create a Hook Script
-
-```bash
-# Copy template
-cp ~/.claude/skills/claude-code-templates/assets/hook-script.sh \
-   .claude/hooks/my-hook.sh
-
-# Make executable
-chmod +x .claude/hooks/my-hook.sh
-```
-
-## Template Locations
-
-Templates are in `./assets/`:
-
-| File | Purpose |
-|------|---------|
-| `agent-template.md` | Expert agent boilerplate |
-| `skill-template.md` | Skill with YAML frontmatter |
-| `command-template.md` | Slash command scaffold |
-| `hook-script.sh` | Secure hook script template |
-
-## Naming Conventions
-
-| Type | Pattern | Example |
-|------|---------|---------|
-| Agent | `{technology}-expert.md` | `react-expert.md` |
-| Skill | `{tool-or-pattern}/SKILL.md` | `git-workflow/SKILL.md` |
-| Command | `{action}.md` | `review.md` |
-| Hook | `{event}-{action}.sh` | `pre-write-validate.sh` |
-
-## Validation
-
-```bash
-# Validate YAML frontmatter
-head -20 my-extension.md
-
-# Check name matches filename
-grep "^name:" my-extension.md
-
-# Run project tests
-just test
-```
-
-## Official Documentation
-
-- https://code.claude.com/docs/en/skills - Skills reference
-- https://code.claude.com/docs/en/sub-agents - Custom subagents
-- https://code.claude.com/docs/en/hooks - Hooks reference
-- https://agentskills.io/specification - Agent Skills open standard
-
-## Assets
-
-- `./assets/agent-template.md` - Expert agent scaffold
-- `./assets/skill-template.md` - Skill with references pattern
-- `./assets/command-template.md` - Slash command scaffold
-- `./assets/hook-script.sh` - Secure bash hook template
-
----
-
-**See Also:** `claude-code-debug` for troubleshooting extensions

skills/claude-code-templates/assets/agent-template.md

@@ -1,69 +0,0 @@
----
-name: technology-expert
-description: "Expert in [technology]. Use for: [scenario 1], [scenario 2], [scenario 3]."
-model: inherit
----
-
-# [Technology] Expert Agent
-
-You are an expert in [technology], specializing in [specific areas].
-
-## Focus Areas
-
-- [Area 1: e.g., Component architecture]
-- [Area 2: e.g., State management]
-- [Area 3: e.g., Performance optimization]
-- [Area 4: e.g., Testing strategies]
-
-## Approach Principles
-
-- [Principle 1: e.g., Always validate input before processing]
-- [Principle 2: e.g., Prefer composition over inheritance]
-- [Principle 3: e.g., Write tests alongside implementation]
-- [Principle 4: e.g., Document public APIs with examples]
-
-## Quality Checklist
-
-- [ ] [Requirement 1: e.g., Type hints on all functions]
-- [ ] [Requirement 2: e.g., No console.log in production code]
-- [ ] [Requirement 3: e.g., Error handling with specific exceptions]
-- [ ] [Requirement 4: e.g., Tests cover edge cases]
-
-## Output Deliverables
-
-When completing tasks, provide:
-
-1. [Deliverable 1: e.g., Working, tested code]
-2. [Deliverable 2: e.g., Clear documentation]
-3. [Deliverable 3: e.g., Example usage]
-
-## Common Pitfalls
-
-- [Pitfall 1: e.g., Using any instead of proper types]
-- [Pitfall 2: e.g., Mutating state directly]
-- [Pitfall 3: e.g., Ignoring error boundaries]
-
-## References
-
-- [URL 1: Official documentation]
-- [URL 2: Best practices guide]
-- [URL 3: API reference]
-- [URL 4: Community resources]
-- [URL 5: Tutorial/cookbook]
-
-<!--
-USAGE INSTRUCTIONS:
-
-1. Copy this file to ~/.claude/agents/your-agent.md
-2. Replace all [placeholders] with your content
-3. Rename the file to match the `name` field (kebab-case)
-4. Ensure description includes "Use for:" with clear scenarios
-5. Add 10+ authoritative reference URLs
-6. Test by asking Claude to use your agent
-
-TIPS:
-- Focus areas should be specific, not generic
-- Principles should be actionable, not vague
-- Checklist items should be verifiable
-- References should be official/authoritative sources
--->

skills/claude-code-templates/assets/command-template.md

@@ -1,93 +0,0 @@
----
-name: command-name
-description: "What this command does in one sentence."
----
-
-# /command-name
-
-Brief description of the command's purpose.
-
-## Usage
-
-```
-/command-name [options] [arguments]
-```
-
-## Execution Flow
-
-```
-/command-name
-    │
-    ├── Step 1: [Action]
-    │   └── [Details]
-    │
-    ├── Step 2: [Action]
-    │   └── [Details]
-    │
-    └── Step 3: [Action]
-        └── [Details]
-```
-
-## Instructions
-
-### Step 1: [Action Name]
-
-[Detailed instructions for this step]
-
-- Sub-step A
-- Sub-step B
-
-### Step 2: [Action Name]
-
-[Detailed instructions for this step]
-
-### Step 3: [Action Name]
-
-[Detailed instructions for this step]
-
-## Options
-
-| Flag | Description | Default |
-|------|-------------|---------|
-| `--flag1` | Description | value |
-| `--flag2` | Description | value |
-
-## Examples
-
-### Basic Usage
-
-```
-/command-name
-```
-
-### With Options
-
-```
-/command-name --flag1 value
-```
-
-### Full Example
-
-```
-/command-name --flag1 value --flag2 value argument
-```
-
-## Output
-
-[Description of what the command produces]
-
-<!--
-USAGE INSTRUCTIONS:
-
-1. Copy to ~/.claude/commands/your-command.md or .claude/commands/
-2. Replace all [placeholders] with your content
-3. Ensure filename matches the `name` field
-4. Keep execution flow clear and scannable
-5. Test by typing /your-command in Claude
-
-TIPS:
-- Execution flow should be visual and easy to follow
-- Each step should be actionable
-- Include real examples users can copy
-- Document all options with defaults
--->

skills/claude-code-templates/assets/hook-script.sh

@@ -1,85 +0,0 @@
-#!/bin/bash
-#
-# Claude Code Hook: [Description]
-#
-# Event: [PreToolUse|PostToolUse|SessionStart|etc]
-# Matcher: [Tool name or * for all]
-#
-# Security: Validates input, quotes variables, prevents path traversal
-#
-
-set -euo pipefail
-
-# Error handling
-trap 'echo "Error at line $LINENO" >&2; exit 1' ERR
-
-# Check dependencies
-command -v jq >/dev/null 2>&1 || {
-    echo "jq is required but not installed" >&2
-    exit 1
-}
-
-# Read input from stdin
-INPUT=$(cat)
-
-# Validate JSON
-if ! echo "$INPUT" | jq -e '.' > /dev/null 2>&1; then
-    echo "Invalid JSON input" >&2
-    exit 2
-fi
-
-# Parse common fields
-TOOL=$(echo "$INPUT" | jq -r '.tool_name // empty')
-SESSION=$(echo "$INPUT" | jq -r '.session_id // empty')
-
-# -------------------------------------------------------------------
-# Your hook logic here
-# -------------------------------------------------------------------
-
-# Example: Log tool usage
-LOG_FILE="${CLAUDE_PROJECT_DIR:-.}/.claude/hook.log"
-mkdir -p "$(dirname "$LOG_FILE")"
-echo "$(date -u +"%Y-%m-%dT%H:%M:%SZ") | $TOOL | $SESSION" >> "$LOG_FILE"
-
-# Example: Block dangerous operations
-# if [[ "$TOOL" == "Bash" ]]; then
-#     CMD=$(echo "$INPUT" | jq -r '.tool_input.command // empty')
-#     if [[ "$CMD" == *"rm -rf /"* ]]; then
-#         echo "Blocked dangerous command" >&2
-#         exit 2  # Exit 2 = blocking error
-#     fi
-# fi
-
-# Example: Validate file paths
-# if [[ "$TOOL" == "Write" ]]; then
-#     FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty')
-#     if [[ "$FILE" == *".."* ]]; then
-#         echo "Path traversal blocked" >&2
-#         exit 2
-#     fi
-# fi
-
-# -------------------------------------------------------------------
-# Exit codes:
-#   0 = Success (continue execution)
-#   2 = Blocking error (stderr shown to Claude)
-#   Other = Non-blocking error (logged, continues)
-# -------------------------------------------------------------------
-
-exit 0
-
-# CONFIGURATION EXAMPLE:
-# Add to ~/.claude/settings.json or .claude/settings.local.json:
-#
-# {
-#   "hooks": {
-#     "PreToolUse": [{
-#       "matcher": "*",
-#       "hooks": [{
-#         "type": "command",
-#         "command": "$CLAUDE_PROJECT_DIR/.claude/hooks/this-script.sh",
-#         "timeout": 5000
-#       }]
-#     }]
-#   }
-# }

skills/claude-code-templates/assets/skill-template.md

@@ -1,138 +0,0 @@
----
-name: skill-name
-description: "Brief description of what this skill does. Triggers on: keyword1, keyword2, keyword3."
-compatibility: "Requirements (e.g., Python 3.10+, Node.js, specific CLI tools)"
-allowed-tools: "Bash Read Write"
-depends-on: []
-related-skills: []
----
-
-# Skill Name
-
-One-line description of what this skill enables.
-
-## Quick Reference
-
-| Task | Command |
-|------|---------|
-| [Task 1] | `command1 args` |
-| [Task 2] | `command2 args` |
-| [Task 3] | `command3 args` |
-
-## Basic Usage
-
-```bash
-# Example 1: [Description]
-command example
-
-# Example 2: [Description]
-command example
-```
-
-## Common Patterns
-
-### Pattern 1: [Name]
-
-```bash
-# Description of when to use this
-command with options
-```
-
-### Pattern 2: [Name]
-
-```bash
-# Description of when to use this
-command with options
-```
-
-## When to Use
-
-- [Scenario 1: e.g., Processing large JSON files]
-- [Scenario 2: e.g., Batch transformations]
-- [Scenario 3: e.g., Data extraction]
-
-## Troubleshooting
-
-| Issue | Solution |
-|-------|----------|
-| [Problem 1] | [Solution 1] |
-| [Problem 2] | [Solution 2] |
-
-## Additional Resources
-
-- `./references/advanced-patterns.md` - Detailed patterns
-- `./references/configuration.md` - Configuration options
-
----
-
-**See Also:** [related-skill-1], [related-skill-2]
-
-<!--
-AGENTSKILLS.IO SPECIFICATION
-=============================
-This template follows the open standard at https://agentskills.io/specification
-
-REQUIRED FIELDS:
-- name: 1-64 chars, lowercase alphanumeric + hyphens, must match directory name
-- description: 1-1024 chars, include trigger keywords for discovery
-
-OPTIONAL FIELDS (per spec):
-- license: License applied to the skill
-- compatibility: Max 500 chars, environment requirements
-- metadata: Key-value mapping for additional properties
-- allowed-tools: Space-delimited pre-approved tools (experimental)
-
-EXTENSIONS (via metadata convention):
-- depends-on: Prerequisite skills that should be loaded first
-- related-skills: Complementary skills for cross-reference
-
-DIRECTORY STRUCTURE:
-skills/your-skill/
-├── SKILL.md           # Required, <500 lines per spec
-├── references/        # On-demand detailed docs
-│   └── advanced.md
-├── scripts/           # Executable helpers
-│   └── helper.sh
-└── assets/            # Static resources
-    └── template.txt
-
-GUIDELINES:
-- SKILL.md under 500 lines (guideline, can exceed if needed)
-- Instructions under 5000 tokens for efficient loading
-- Use relative paths one level deep from SKILL.md
-- Name must match parent directory exactly
-
-USAGE:
-1. Create directory: mkdir -p ~/.claude/skills/your-skill
-2. Copy this file to ~/.claude/skills/your-skill/SKILL.md
-3. Replace all [placeholders] with your content
-4. Ensure directory name matches the `name` field
-5. Test by mentioning trigger keywords in a conversation
-
-TIPS:
-- Description MUST include trigger keywords for agent discovery
-- Keep SKILL.md lean - use references/ for detailed patterns
-- Use tables for quick scanning
-- Include troubleshooting for common issues
-
-PROMPT CACHING OPTIMIZATION:
-Claude Code benefits from prompt caching (90% token cost reduction on cache hits).
-See: https://platform.claude.com/docs/en/build-with-claude/prompt-caching
-
-For cache efficiency:
-- Put stable, reusable content at the TOP of files
-- Large reference files (>1024 tokens) benefit most from caching
-- Structure references/ files with static content first, examples last
-- Avoid mixing frequently-changing content with static patterns
-- SKILL.md is loaded first, references/ loaded on-demand (cache-friendly)
-
-Cache thresholds (minimum tokens to cache):
-- Claude Sonnet/Opus: 1024 tokens
-- Claude Haiku 3: 2048 tokens
-- Claude Haiku 4.5/Opus 4.5: 4096 tokens
-
-When NOT to optimize for caching:
-- Small skills under 1024 tokens (won't cache anyway)
-- Highly dynamic content that changes per-request
-- One-time reference lookups
--->

skills/introspect/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: introspect
-description: "Analyze Claude Code session logs - extract thinking blocks, tool usage stats, error patterns, debug trajectories. Triggers on: introspect, session logs, trajectory, analyze sessions, what went wrong, tool usage, thinking blocks, session history, my reasoning, past sessions, what did I do."
+description: "Analyze Claude Code session logs and surface productivity improvements. Extracts thinking blocks, tool usage stats, error patterns, debug trajectories - then generates friendly, actionable recommendations. Triggers on: introspect, session logs, trajectory, analyze sessions, what went wrong, tool usage, thinking blocks, session history, my reasoning, past sessions, what did I do, how can I improve."
 allowed-tools: "Bash Read Grep Glob"
 related-skills: [log-ops, data-processing]
 ---
@@ -166,6 +166,91 @@ cat session.jsonl | jq -r 'select(.type == "assistant") | .message.content[]? |
 rg '"tool_use"' session.jsonl | jq -r '.message.content[]? | select(.type == "tool_use") | .name'
 ```
 
+## Session Insights
+
+After running any analysis, **always** generate a "Session Insights" section with actionable recommendations. The tone should be friendly and mentoring - a helpful colleague who noticed some patterns, not a critic.
+
+### What to Look For
+
+Scan the session data for these patterns and generate recommendations where relevant:
+
+**Tool usage improvements:**
+- Using `Bash(grep ...)` or `Bash(cat ...)` instead of Grep/Read tools - suggest the dedicated tools
+- Repeated failed tool calls with same input - suggest pivoting earlier
+- Heavy Bash usage for tasks a skill handles - recommend the skill by name
+- No use of parallel tool calls when independent reads/searches could overlap
+
+**Workflow patterns:**
+- Long sessions with no commits - suggest incremental commits
+- No `/save` at session end - remind about session continuity
+- Repeated context re-reading (same files read 3+ times) - suggest keeping notes or using `/save`
+- Large blocks of manual work that `/iterate` could automate - mention the loop pattern
+- Debugging spirals (5+ attempts at same approach) - suggest the 3-attempt pivot rule
+
+**Skill and command awareness:**
+- Manual code review without `/review` - mention the skill
+- Test writing without `/testgen` - mention the skill
+- Complex reasoning without `/atomise` - mention it for hard problems
+- Agent spawning for tasks a skill already handles - suggest the lighter-weight option
+
+**Session efficiency:**
+- Very long sessions (100+ tool calls) - suggest breaking into focused sessions
+- High error rate (>30% of tool calls return errors) - note the pattern and suggest investigation
+- Excessive file reads vs edits ratio (>10:1) - might indicate uncertainty, suggest planning first
+
+**Permission recommendations:**
+This is high-value - permission prompts break flow and cost context. Scan the session for:
+- Bash commands that were used successfully and repeatedly - these are candidates for `Bash(<command>:*)` allow rules
+- Tool patterns that appeared frequently (WebFetch, WebSearch, specific MCP tools) - suggest adding to allow list
+- Commands that failed with permission errors or were retried - likely blocked by missing permissions
+
+Generate a ready-to-paste `permissions.allow` snippet for `.claude/settings.local.json`:
+
+```
+**Permissions**
+
+Based on this session, these tools were used frequently and could be
+pre-approved to reduce interruptions:
+
+Add to `.claude/settings.local.json` under `permissions.allow`:
+  "Bash(uv:*)",
+  "Bash(pytest:*)",
+  "Bash(docker:*)",
+  "WebSearch",
+  "mcp__my-server__*"
+
+This would have saved roughly ~N permission prompts in this session.
+```
+
+Only recommend commands that were actually used successfully - never suggest blanket `Bash(*)`. But do encourage wildcard patterns where sensible - `Bash(git:*)` is better than listing `Bash(git status)`, `Bash(git add)`, `Bash(git commit)` separately. Common wildcard groups:
+
+- `Bash(git:*)` - all git operations
+- `Bash(npm:*)`, `Bash(pnpm:*)`, `Bash(uv:*)` - package managers
+- `Bash(pytest:*)`, `Bash(jest:*)` - test runners
+- `Bash(docker:*)`, `Bash(cargo:*)`, `Bash(go:*)` - build/runtime tools
+- `mcp__server-name__*` - all tools from an MCP server
+
+Group recommendations by category for clarity. Reference `/setperms` for a full permissions setup if the list is long.
+
+### Output Format
+
+```
+## Session Insights
+
+Here are a few things I noticed that might help next time:
+
+**[Category]**
+- [Observation]: [What was seen in the data]
+- [Suggestion]: [Friendly, specific recommendation]
+
+**[Category]**
+- ...
+```
+
+Scale the number of recommendations to the session size. A quick 10-minute session might warrant 1-2 observations. A sprawling multi-hour session with 100+ tool calls could easily have 10-15 actionable insights. Match the depth of analysis to the depth of the session.
+
+Only mention patterns that are clearly present in the data - don't guess or stretch. If the session was clean and efficient, say so: "This was a well-structured session - nothing jumps out as needing improvement."
+
 ## Reference Files
 
 | File | Contents |

skills/setperms/SKILL.md

@@ -29,9 +29,13 @@ Tools from [dev-shell-tools](https://github.com/0xDarkMatter/dev-shell-tools):
 - **Analysis**: tokei, procs, hyperfine, dust
 
 **Dev Tools:**
-- **Package managers**: npm, node, python, uv, pip, brew
-- **Task runners**: just, bash
-- **Network**: curl, http (httpie), firecrawl
+- **Package managers**: npm, npx, node, pnpm, yarn, bun, python, uv, pip, cargo, go, brew
+- **Build tools**: just, make, bash, rustc
+- **Network**: curl, http (httpie), firecrawl, markitdown
+- **Containers**: docker, docker-compose
+- **Archives**: tar, zip, unzip
+- **Testing**: pytest
+- **Data**: sort, uniq, cut, tr, xargs, tee, head, tail, diff
 - **Documentation**: tldr
 - **Windows**: powershell
 
@@ -116,20 +120,43 @@ Write to `.claude/settings.local.json`:
       "Bash(procs:*)",
       "Bash(hyperfine:*)",
       "Bash(npm:*)",
+      "Bash(npx:*)",
       "Bash(node:*)",
+      "Bash(pnpm:*)",
+      "Bash(yarn:*)",
+      "Bash(bun:*)",
       "Bash(python:*)",
       "Bash(pip:*)",
+      "Bash(cargo:*)",
+      "Bash(go:*)",
+      "Bash(rustc:*)",
+      "Bash(pytest:*)",
+      "Bash(make:*)",
+      "Bash(docker:*)",
+      "Bash(docker-compose:*)",
       "Bash(powershell -Command:*)",
       "Bash(powershell.exe:*)",
       "Bash(bash:*)",
       "Bash(chmod:*)",
+      "Bash(sort:*)",
+      "Bash(uniq:*)",
+      "Bash(cut:*)",
+      "Bash(tr:*)",
       "Bash(xargs:*)",
+      "Bash(tee:*)",
+      "Bash(head:*)",
+      "Bash(tail:*)",
+      "Bash(diff:*)",
+      "Bash(tar:*)",
+      "Bash(zip:*)",
+      "Bash(unzip:*)",
       "Bash(command -v:*)",
       "Bash(brew:*)",
       "Bash(tldr:*)",
       "Bash(dust:*)",
       "Bash(btm:*)",
       "Bash(bottom:*)",
+      "Bash(markitdown:*)",
       "Bash(firecrawl:*)",
       "Bash(gemini:*)",
       "Bash(claude:*)",
@@ -270,7 +297,7 @@ Report to user:
 Initialized Claude Code with dev-shell-tools:
 
 Created:
-  .claude/settings.local.json  (51 tool permissions, 11 guardrails)
+  .claude/settings.local.json  (74 tool permissions, 11 guardrails)
   .claude/rules/cli-tools.md   (modern tool preferences)
 
 Claude will now:
@@ -298,8 +325,6 @@ To add to git: git add .claude/
 
 Adds to permissions:
 ```json
-"Bash(docker:*)",
-"Bash(docker-compose:*)",
 "Bash(podman:*)",
 "Bash(kubectl:*)",
 "Bash(helm:*)",