{
  "permissions": {
    "allow": [
      "Bash(cargo init:*)",
      "Bash(cargo:*)",
      "Bash(find:*)",
      "Bash(mkdir:*)",
      "Bash(../target/debug/ailog new:*)",
      "Bash(../target/debug/ailog build)",
      "Bash(/Users/syui/ai/log/target/debug/ailog build)",
      "Bash(ls:*)",
      "Bash(curl:*)",
      "Bash(pkill:*)",
      "WebFetch(domain:docs.anthropic.com)",
      "WebFetch(domain:github.com)",
      "Bash(rm:*)",
      "Bash(mv:*)",
      "Bash(cp:*)",
      "Bash(timeout:*)",
      "Bash(grep:*)",
      "Bash(./target/debug/ailog:*)",
      "Bash(cat:*)",
      "Bash(npm install)",
      "Bash(npm run build:*)",
      "Bash(chmod:*)",
      "Bash(./scripts/tunnel.sh:*)",
      "Bash(PRODUCTION=true cargo run -- build)",
      "Bash(cloudflared tunnel:*)",
      "Bash(npm install:*)",
      "Bash(./scripts/build-oauth-partial.zsh:*)",
      "Bash(./scripts/quick-oauth-update.zsh:*)",
      "Bash(../target/debug/ailog serve)",
      "Bash(./scripts/test-oauth.sh:*)",
      "Bash(./run.zsh:*)",
      "Bash(npm run dev:*)",
      "Bash(./target/release/ailog:*)",
      "Bash(rg:*)",
      "Bash(../target/release/ailog build)",
      "Bash(zsh run.zsh:*)",
      "Bash(hugo:*)",
      "WebFetch(domain:docs.bsky.app)",
      "WebFetch(domain:syui.ai)",
      "Bash(rustup target list:*)",
      "Bash(rustup target:*)",
      "Bash(git add:*)",
      "Bash(git commit:*)",
      "Bash(git push:*)",
      "Bash(git tag:*)",
      "Bash(../bin/ailog:*)",
      "Bash(../target/release/ailog oauth build:*)",
      "Bash(ailog:*)",
      "WebFetch(domain:plc.directory)",
      "WebFetch(domain:atproto.com)",
      "WebFetch(domain:syu.is)",
      "Bash(sed:*)",
      "Bash(./scpt/run.zsh:*)",
      "Bash(RUST_LOG=debug cargo run -- stream status)",
      "Bash(RUST_LOG=debug cargo run -- stream test-api)",
      "Bash(# Restore the old (expired) token\nold_access_jwt=\"eyJ0eXAiOiJhdCtqd3QiLCJhbGciOiJIUzI1NiJ9.eyJzY29wZSI6ImNvbS5hdHByb3RvLmFjY2VzcyIsImF1ZCI6ImRpZDp3ZWI6c3l1LmlzIiwic3ViIjoiZGlkOnBsYzo2cXllY2t0ZWZsbHZlbmplMjRmY3huaWUiLCJpYXQiOjE3NTAyNTc0MjUsImV4cCI6MTc1MDI2NDYyNX0.FZFD6ZRYQZW1H4fJy2OBjmPGRo6h2xqTNKOJz5-hdQI\"\n\nconfig_file=~/.config/syui/ai/log/config.json\ncurrent_refresh_jwt=$(jq -r '.admin.refresh_jwt' $config_file)\n\n# Keep the refresh JWT but use expired access JWT\njq --arg access \"$old_access_jwt\" '.admin.access_jwt = $access' $config_file > ${config_file}.tmp && mv ${config_file}.tmp $config_file\n\necho \"✅ Restored expired access token for testing\")"
    ],
    "deny": []
  }
}