skill-allowed-tools
Skill allowed-tools must be an array of tool names, cannot be used with disallowed-tools
Rule Details
This rule enforces two constraints on the allowed-tools frontmatter field. First, it must be an array of valid tool name strings. Second, allowed-tools and disallowed-tools are mutually exclusive, because specifying both creates an ambiguous permission model. The rule delegates to the Zod schema for format validation and uses cross-field refinements to check mutual exclusivity.
Incorrect
allowed-tools is not an array
---
name: deploy
description: Deploys the app
allowed-tools: Bash
---
Both allowed-tools and disallowed-tools specified
---
name: deploy
description: Deploys the app
allowed-tools:
- Bash
- Read
disallowed-tools:
- WebFetch
---
Correct
Valid allowed-tools array
---
name: deploy
description: Deploys the app
allowed-tools:
- Bash
- Read
- Write
---
Using only disallowed-tools (no conflict)
---
name: deploy
description: Deploys the app
disallowed-tools:
- WebFetch
---
How To Fix
Ensure allowed-tools is a YAML array of tool name strings. If you also have disallowed-tools, remove one of the two fields. Use allowed-tools for an allowlist approach or disallowed-tools for a denylist approach, but not both.
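The two checks from Rule Details, sketched as an added example in plain JavaScript. This is not the rule's own code, which per this page uses a Zod schema; the function names, messages and the minimal frontmatter parser are assumptions made for illustration.

```javascript
// Added example, not the linter's own code. The parser handles only the flat
// frontmatter subset shown on this page: "key: value" and "- item" lists.
function parseFrontmatter(text) {
  const m = /^---\r?\n([\s\S]*?)\r?\n---/.exec(text);
  if (!m) return null;
  const data = {};
  let listKey = null; // key whose block list is currently being read
  for (const line of m[1].split(/\r?\n/)) {
    const item = /^\s*-\s+(.+)$/.exec(line);
    const pair = /^([A-Za-z][\w-]*):\s*(.*)$/.exec(line);
    if (item && listKey) {
      data[listKey].push(item[1].trim());
    } else if (pair) {
      const value = pair[2].trim();
      listKey = value === '' ? pair[1] : null;
      data[pair[1]] = value === '' ? [] : value;
    }
  }
  return data;
}

// The two constraints from Rule Details. Tool-name validity is reduced to
// "non-empty string" (assumption: the page does not list the valid names).
function checkSkillTools(fm) {
  const problems = [];
  if ('allowed-tools' in fm) {
    const v = fm['allowed-tools'];
    // A bare "allowed-tools:" key parses to an empty list here; reject it too.
    const ok = Array.isArray(v) && v.length > 0 &&
      v.every((t) => typeof t === 'string' && t !== '');
    if (!ok) problems.push('allowed-tools must be an array of tool names');
    if ('disallowed-tools' in fm) {
      problems.push('allowed-tools cannot be used with disallowed-tools');
    }
  }
  return problems;
}

// No frontmatter means nothing for this particular check to inspect.
const lintSkill = (text) => checkSkillTools(parseFrontmatter(text) ?? {});

// Constructed inputs mirroring the four frontmatter samples on this page.
const head = '---\nname: deploy\ndescription: Deploys the app\n';
const SAMPLES = {
  scalar: head + 'allowed-tools: Bash\n---\n',
  both: head + 'allowed-tools:\n- Bash\n- Read\ndisallowed-tools:\n- WebFetch\n---\n',
  allowOnly: head + 'allowed-tools:\n- Bash\n- Read\n- Write\n---\n',
  denyOnly: head + 'disallowed-tools:\n- WebFetch\n---\n',
};
for (const [name, text] of Object.entries(SAMPLES)) console.log(name, lintSkill(text));
```

Checking mutual exclusivity as a separate step from the type check keeps a skill that sets both fields from silently resolving to whichever one a consumer happens to read first.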
Options
This rule does not have any configuration options.
Version
Available since: v0.2.0