Command Palette

Search for a command to run...

UnylyUnyly
Назад к скиллам

claude-settings-audit

БесплатноБез исполняемых скриптовНе проверен

Analyze a repository to generate recommended Claude Code settings.json permissions. Use when setting up a new project, auditing existing settings, or determinin

Об этом скилле

Claude Settings Audit

Analyze this repository and generate recommended Claude Code settings.json permissions for read-only commands.

Phase 1: Detect Tech Stack

Run these commands to detect the repository structure:

ls -la
find . -maxdepth 2 \( -name "*.toml" -o -name "*.json" -o -name "*.lock" -o -name "*.yaml" -o -name "*.yml" -o -name "Makefile" -o -name "Dockerfile" -o -name "*.tf" \) 2>/dev/null | head -50

Check for these indicator files:

Category Files to Check
Python pyproject.toml, setup.py, requirements.txt, Pipfile, poetry.lock, uv.lock
Node.js package.json, package-lock.json, yarn.lock, pnpm-lock.yaml
Go go.mod, go.sum
Rust Cargo.toml, Cargo.lock
Ruby Gemfile, Gemfile.lock
Java pom.xml, build.gradle, build.gradle.kts
Build Makefile, Dockerfile, docker-compose.yml
Infra *.tf files, kubernetes/, helm/
Monorepo lerna.json, nx.json, turbo.json, pnpm-workspace.yaml

Phase 2: Detect Services

Check for service integrations:

Service Detection
Sentry sentry-sdk in deps, @sentry/* packages, .sentryclirc, sentry.properties
Linear Linear config files, .linear/ directory

Read dependency files to identify frameworks:

  • package.json → check dependencies and devDependencies
  • pyproject.toml → check [project.dependencies] or [tool.poetry.dependencies]
  • Gemfile → check gem names
  • Cargo.toml → check [dependencies]

Phase 3: Check Existing Settings

cat .claude/settings.json 2>/dev/null || echo "No existing settings"

Phase 4: Generate Recommendations

Build the allow list by combining:

Baseline Commands (Always Include)

[
  "Bash(ls:*)",
  "Bash(pwd:*)",
  "Bash(find:*)",
  "Bash(file:*)",
  "Bash(stat:*)",
  "Bash(wc:*)",
  "Bash(head:*)",
  "Bash(tail:*)",
  "Bash(cat:*)",
  "Bash(tree:*)",
  "Bash(git status:*)",
  "Bash(git log:*)",
  "Bash(git diff:*)",
  "Bash(git show:*)",
  "Bash(git branch:*)",
  "Bash(git remote:*)",
  "Bash(git tag:*)",
  "Bash(git stash list:*)",
  "Bash(git rev-parse:*)",
  "Bash(gh pr view:*)",
  "Bash(gh pr list:*)",
  "Bash(gh pr checks:*)",
  "Bash(gh pr diff:*)",
  "Bash(gh issue view:*)",
  "Bash(gh issue list:*)",
  "Bash(gh run view:*)",
  "Bash(gh run list:*)",
  "Bash(gh run logs:*)",
  "Bash(gh repo view:*)",
  "Bash(gh api:*)"
]

Stack-Specific Commands

Only include commands for tools actually detected in the project.

Python (if any Python files or config detected)

If Detected Add These Commands
Any Python python --version, python3 --version
poetry.lock poetry show, poetry env info
uv.lock uv pip list, uv tree
Pipfile.lock pipenv graph
requirements.txt (no other lock) pip list, pip show, pip freeze

Node.js (if package.json detected)

If Detected Add These Commands
Any Node.js node --version
pnpm-lock.yaml pnpm list, pnpm why
yarn.lock yarn list, yarn info, yarn why
package-lock.json npm list, npm view, npm outdated
TypeScript (tsconfig.json) tsc --version

Other Languages

If Detected Add These Commands
go.mod go version, go list, go mod graph, go env
Cargo.toml rustc --version, cargo --version, cargo tree, cargo metadata
Gemfile ruby --version, bundle list, bundle show
pom.xml java --version, mvn --version, mvn dependency:tree
build.gradle java --version, gradle --version, gradle dependencies

Build Tools

If Detected Add These Commands
Dockerfile docker --version, docker ps, docker images
docker-compose.yml docker-compose ps, docker-compose config
*.tf files terraform --version, terraform providers, terraform state list
Makefile make --version, make -n

Skills (for Sentry Projects)

If this is a Sentry project (or sentry-skills plugin is installed), include:

[
  "Skill(sentry-skills:agents-md)",
  "Skill(sentry-skills:blog-writing-guide)",
  "Skill(sentry-skills:brand-guidelines)",
  "Skill(sentry-skills:claude-settings-audit)",
  "Skill(sentry-skills:code-review)",
  "Skill(sentry-skills:code-simplifier)",
  "Skill(sentry-skills:commit)",
  "Skill(sentry-skills:create-branch)",
  "Skill(sentry-skills:django-access-review)",
  "Skill(sentry-skills:django-perf-review)",
  "Skill(sentry-skills:doc-coauthoring)",
  "Skill(sentry-skills:document-api-endpoint)",
  "Skill(sentry-skills:find-bugs)",
  "Skill(sentry-skills:gh-review-requests)",
  "Skill(sentry-skills:gha-security-review)",
  "Skill(sentry-skills:iterate-pr)",
  "Skill(sentry-skills:pr-link-issue)",
  "Skill(sentry-skills:pr-writer)",
  "Skill(sentry-skills:presentation-creator)",
  "Skill(sentry-skills:prompt-optimizer)",
  "Skill(sentry-skills:replay-ux-research)",
  "Skill(sentry-skills:security-review)",
  "Skill(sentry-skills:skill-scanner)",
  "Skill(sentry-skills:skill-writer)",
  "Skill(sentry-skills:sred-project-organizer)",
  "Skill(sentry-skills:sred-work-summary)",
  "Skill(sentry-skills:triage-frontend-issues)",
  "Skill(sentry-skills:typing-exclusion-worker)"
]

WebFetch Domains

Always Include (Sentry Projects)

[
  "WebFetch(domain:docs.sentry.io)",
  "WebFetch(domain:develop.sentry.dev)",
  "WebFetch(domain:docs.github.com)",
  "WebFetch(domain:cli.github.com)"
]

Framework-Specific

If Detected Add Domains
Django docs.djangoproject.com
Flask flask.palletsprojects.com
FastAPI fastapi.tiangolo.com
React react.dev
Next.js nextjs.org
Vue vuejs.org
Express expressjs.com
Rails `gui

Установить claude-settings-audit в Claude Code и Claude Desktop

Зарегайся, чтобы установить скилл

Создай бесплатный аккаунт, чтобы открыть команду установки и сохранить скилл в библиотеку.

  • Открой команду установки в одну строку
  • Сохраняй скиллы в синхронизируемую библиотеку
  • Уведомления, когда скиллы обновляются
Зарегаться бесплатноУ меня уже есть аккаунт

Разрешённые инструменты

Инструменты, которые скиллу разрешено вызывать.

Без ограничений — скилл может использовать любой инструмент.

FAQ

Что делает скилл claude-settings-audit?

Analyze a repository to generate recommended Claude Code settings.json permissions. Use when setting up a new project, auditing existing settings, or determining which read-only bash commands to allow. Detects tech stack, build tools, and monorepo structure.

Как установить скилл claude-settings-audit?

Скопируй папку скилла в ~/.claude/skills (вкладка Claude Code выше делает это одной командой), либо поставь как плагин.

Скилл claude-settings-audit запускает скрипты?

Нет, скилл состоит только из инструкций (SKILL.md), без исполняемых скриптов.

Похожие скиллы

Сравнить claude-settings-audit с