Show HN: Control Claude permissions using a cloud-based decision table UI

https://github.com/rulebricks/claude-code-guardrails

14•sidgarimella•3w ago

We’ve been building visual rule engines (clear spreadsheet interfaces -> API endpoints that map incoming data to a large number of potential outcomes), and had the fun idea lately to see what happens when we use our decision table UI with Claude’s PreToolUse hook.

The result is a surprisingly useful policy/gating layer– these tables let your team:

- Write conditional, exception-friendly policies beyond globs/prefixes (e.g. allow rm -rf only in */node_modules/*, deny / or $HOME, ask if --force or network call; gate kubectl delete / SQL DROP with a clear reason)

- Roll out policy changes instantly (mid-run, flip a risky operation from allow → ask; the next attempt across devs and agents is gated immediately– no git pull or agent restart required)

- Adopt lightweight governance that is somewhat agent agnostic and survives churn (MCP/skills/etc)- just add columns/rules as new tools and metadata show up

- Gain a central utility to understand which tools are being used, which tools get blocked most often, and why

Comments

sidgarimella•3w ago

Curious to learn if/how folks are using the PreToolUse hook in their own setup

bflesch•3w ago

It's hard for me to comprehend how ublock origin blocks a total of 10 different tracking scripts on your website https://rulebricks.com/ and all you can come up with is a small text in the bottom saying "This website may collect cookies to optimize your user experience".

"May collect cookies"? Do you think google makes money by collecting cookies? You are brazenly lying into my face and even using a dark pattern to hide this ridiculously formulated sentence at the bottom of the screen.

Why does your company decide to employ falsehoods and dark patterns at such an obvious place? It erodes any trust.

sidgarimella•3w ago

The wording has been updated, and we’ll review our instrumentation. Appreciate your feedback.

threecheese•3w ago

I like the approach, I’ve been looking for something with a UI but not from a corp compliance perspective; as I scale usage of Claude I am finding permission checks to be a huge pain in the neck. In my circle, you can identify someone who uses the heck out of Claude Code by their use of —dangerously-skip-permissions (I did that with fat fingers but without typos, that’s how often I need it).

sidgarimella•3w ago

Guilty as charged

Thoughts on /permissions from the CLI?

furyofantares•3w ago

> I did that with fat fingers but without typos, that’s how often I need it

You mean you don't just have it aliased to "claude" ?

iqandjoke•3w ago

Missing a lot critical commands: like passwd, shutdown, etc

sidgarimella•3w ago

Will extend the decision table template when we can

hrimfaxi•3w ago

I really find it disingenuous when Show HNs link to a github that is just a landing page to get you to create an account for their service. Multiple clicks to find that free only covers 100 rule evaluations.

sidgarimella•3w ago

Appreciate the feedback.

We Mourn Our Craft

Speed up responses with fast mode

U.S. Jobs Disappear at Fastest January Pace Since Great Recession

Hoot: Scheme on WebAssembly

Stories from 25 Years of Software Development

OpenCiv3: Open-source, cross-platform reimagining of Civilization III

Al Lowe on model trains, funny deaths and working with Disney

The AI boom is causing shortages everywhere else

The Waymo World Model

Reinforcement Learning from Human Feedback

Start all of your commands with a comma (2009)

Vocal Guide – belt sing without killing yourself

France's homegrown open source online office suite

Coding agents have replaced every framework I used

Selection Rather Than Prediction

A Fresh Look at IBM 3270 Information Display System

72M Points of Interest

Unseen Footage of Atari Battlezone Arcade Cabinet Production

Software factories and the agentic moment

Where did all the starships go?

Show HN: Look Ma, No Linux: Shell, App Installer, Vi, Cc on ESP32-S3 / BreezyBox

Learning from context is harder than we thought

Monty: A minimal, secure Python interpreter written in Rust for use by AI

Show HN: Kappal – CLI to Run Docker Compose YML on Kubernetes for Local Dev

Making geo joins faster with H3 indexes

Hackers (1995) Animated Experience

Sheldon Brown's Bicycle Technical Info

Ga68, a GNU Algol 68 Compiler

An Update on Heroku

Show HN: If you lose your memory, how to regain access to your computer?

We Mourn Our Craft

Speed up responses with fast mode

U.S. Jobs Disappear at Fastest January Pace Since Great Recession

Hoot: Scheme on WebAssembly

Stories from 25 Years of Software Development

OpenCiv3: Open-source, cross-platform reimagining of Civilization III

Al Lowe on model trains, funny deaths and working with Disney

The AI boom is causing shortages everywhere else

The Waymo World Model

Reinforcement Learning from Human Feedback

Start all of your commands with a comma (2009)

Vocal Guide – belt sing without killing yourself

France's homegrown open source online office suite

Coding agents have replaced every framework I used

Selection Rather Than Prediction

A Fresh Look at IBM 3270 Information Display System

72M Points of Interest

Unseen Footage of Atari Battlezone Arcade Cabinet Production

Software factories and the agentic moment

Where did all the starships go?

Show HN: Look Ma, No Linux: Shell, App Installer, Vi, Cc on ESP32-S3 / BreezyBox

Learning from context is harder than we thought

Monty: A minimal, secure Python interpreter written in Rust for use by AI

Show HN: Kappal – CLI to Run Docker Compose YML on Kubernetes for Local Dev

Making geo joins faster with H3 indexes

Hackers (1995) Animated Experience

Sheldon Brown's Bicycle Technical Info

Ga68, a GNU Algol 68 Compiler

An Update on Heroku

Show HN: If you lose your memory, how to regain access to your computer?

Show HN: Control Claude permissions using a cloud-based decision table UI

Comments