diff --git a/README.md b/README.md
index fbad8ea..925714a 100644
--- a/README.md
+++ b/README.md
@@ -568,7 +568,7 @@ uv run main.py --permissions gmail:send drive:full --tool-tier core
 Granular permissions mode provides service-by-service scope control:
 - Format: `service:level` (one entry per service)
 - Gmail levels: `readonly`, `organize`, `drafts`, `send`, `full` (cumulative)
-- Tasks levels: `readonly`, `manage`, `full` (cumulative; `manage` allows create/update/move but denies delete)
+- Tasks levels: `readonly`, `manage`, `full` (cumulative; `manage` allows create/update/move but denies `delete` and `clear_completed`)
 - Other services currently support: `readonly`, `full`
 - `--permissions` and `--read-only` are mutually exclusive
 - `--permissions` cannot be combined with `--tools`; enabled services are determined by the `--permissions` entries (optionally filtered by `--tool-tier`)
diff --git a/tests/test_permissions.py b/tests/test_permissions.py
index f88ee7c..66f5d62 100644
--- a/tests/test_permissions.py
+++ b/tests/test_permissions.py
@@ -17,7 +17,6 @@ from auth.permissions import (
     is_action_denied,
     parse_permissions_arg,
     set_permissions,
-    SERVICE_DENIED_ACTIONS,
     SERVICE_PERMISSION_LEVELS,
 )
 from auth.scopes import (
@@ -140,7 +139,6 @@ class TestGetScopesForPermission:
         assert TASKS_READONLY_SCOPE in scopes
 
 
-
 @pytest.fixture(autouse=True)
 def _reset_permissions_state():
     """Ensure each test starts and ends with no active permissions."""