promote-claude-settings
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions direct the agent to read and modify sensitive configuration files including
~/.claude/settings.jsonand.claude/settings.local.json. These files typically store environment variables, API keys, and tool permission settings. - [SAFE]: The workflow incorporates robust security best practices by requiring an interactive diff summary and explicit user confirmation for every single item before it is written to the global configuration file. This ensures human-in-the-loop oversight for changes to sensitive configuration data.
- [SAFE]: The skill does not perform any network operations or external downloads, operating entirely on the local file system with user-provided data.
Audit Metadata