[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"skill-94613dda-ff86-4c39-80a2-99207a7f3b98":3,"$fidr6QI8-F5BGXVwxwNucIGO3_2xbLfvISsN_J0mgbFs":42},{"id":4,"title":5,"description":6,"categoryId":7,"moduleId":8,"tags":9,"prompt":10,"icon":11,"source":12,"sourceUrl":13,"authorId":14,"authorName":15,"isPublic":16,"stars":17,"runs":18,"createdAt":19,"updatedAt":19,"module":20,"category":27,"packages":33},"94613dda-ff86-4c39-80a2-99207a7f3b98","claude-settings-audit","分析存储库以生成推荐的Claude Code settings.json权限。用于设置新项目、审核现有设置或确定允许哪些只读bash命令。检测技术栈、构建工具和单一代码库结构。","cat_coding_backend","mod_coding","sickn33,coding","---\nname: claude-settings-audit\ndescription: Analyze a repository to generate recommended Claude Code settings.json permissions. Use when setting up a new project, auditing existing settings, or determining which read-only bash commands to allow. Detects tech stack, build tools, and monorepo structure.\nrisk: unknown\nsource: community\n---\n\n# Claude Settings Audit\n\nAnalyze this repository and generate recommended Claude Code `settings.json` permissions for read-only commands.\n\n## When to Use\n- You are setting up or auditing Claude Code `settings.json` permissions for a repository.\n- You need to infer a safe read-only allow list from the repo's tech stack, tooling, and monorepo structure.\n- You want to review or replace an existing Claude permissions baseline with something evidence-based.\n\n## Phase 1: Detect Tech Stack\n\nRun these commands to detect the repository structure:\n\n```bash\nls -la\nfind . -maxdepth 2 \\( -name \"*.toml\" -o -name \"*.json\" -o -name \"*.lock\" -o -name \"*.yaml\" -o -name \"*.yml\" -o -name \"Makefile\" -o -name \"Dockerfile\" -o -name \"*.tf\" \\) 2>\u002Fdev\u002Fnull | head -50\n```\n\nCheck for these indicator files:\n\n| Category | Files to Check |\n| ------------ | ------------------------------------------------------------------------------------- |\n| **Python** | `pyproject.toml`, `setup.py`, `requirements.txt`, `Pipfile`, `poetry.lock`, `uv.lock` |\n| **Node.js** | `package.json`, `package-lock.json`, `yarn.lock`, `pnpm-lock.yaml` |\n| **Go** | `go.mod`, `go.sum` |\n| **Rust** | `Cargo.toml`, `Cargo.lock` |\n| **Ruby** | `Gemfile`, `Gemfile.lock` |\n| **Java** | `pom.xml`, `build.gradle`, `build.gradle.kts` |\n| **Build** | `Makefile`, `Dockerfile`, `docker-compose.yml` |\n| **Infra** | `*.tf` files, `kubernetes\u002F`, `helm\u002F` |\n| **Monorepo** | `lerna.json`, `nx.json`, `turbo.json`, `pnpm-workspace.yaml` |\n\n## Phase 2: Detect Services\n\nCheck for service integrations:\n\n| Service | Detection |\n| ---------- | ------------------------------------------------------------------------------- |\n| **Sentry** | `sentry-sdk` in deps, `@sentry\u002F*` packages, `.sentryclirc`, `sentry.properties` |\n| **Linear** | Linear config files, `.linear\u002F` directory |\n\nRead dependency files to identify frameworks:\n\n- `package.json` → check `dependencies` and `devDependencies`\n- `pyproject.toml` → check `[project.dependencies]` or `[tool.poetry.dependencies]`\n- `Gemfile` → check gem names\n- `Cargo.toml` → check `[dependencies]`\n\n## Phase 3: Check Existing Settings\n\n```bash\ncat .claude\u002Fsettings.json 2>\u002Fdev\u002Fnull || echo \"No existing settings\"\n```\n\n## Phase 4: Generate Recommendations\n\nBuild the allow list by combining:\n\n### Baseline Commands (Always Include)\n\n```json\n[\n \"Bash(ls:*)\",\n \"Bash(pwd:*)\",\n \"Bash(find:*)\",\n \"Bash(file:*)\",\n \"Bash(stat:*)\",\n \"Bash(wc:*)\",\n \"Bash(head:*)\",\n \"Bash(tail:*)\",\n \"Bash(cat:*)\",\n \"Bash(tree:*)\",\n \"Bash(git status:*)\",\n \"Bash(git log:*)\",\n \"Bash(git diff:*)\",\n \"Bash(git show:*)\",\n \"Bash(git branch:*)\",\n \"Bash(git remote:*)\",\n \"Bash(git tag:*)\",\n \"Bash(git stash list:*)\",\n \"Bash(git rev-parse:*)\",\n \"Bash(gh pr view:*)\",\n \"Bash(gh pr list:*)\",\n \"Bash(gh pr checks:*)\",\n \"Bash(gh pr diff:*)\",\n \"Bash(gh issue view:*)\",\n \"Bash(gh issue list:*)\",\n \"Bash(gh run view:*)\",\n \"Bash(gh run list:*)\",\n \"Bash(gh run logs:*)\",\n \"Bash(gh repo view:*)\",\n \"Bash(gh api:*)\"\n]\n```\n\n### Stack-Specific Commands\n\nOnly include commands for tools actually detected in the project.\n\n#### Python (if any Python files or config detected)\n\n| If Detected | Add These Commands |\n| ---------------------------------- | --------------------------------------- |\n| Any Python | `python --version`, `python3 --version` |\n| `poetry.lock` | `poetry show`, `poetry env info` |\n| `uv.lock` | `uv pip list`, `uv tree` |\n| `Pipfile.lock` | `pipenv graph` |\n| `requirements.txt` (no other lock) | `pip list`, `pip show`, `pip freeze` |\n\n#### Node.js (if package.json detected)\n\n| If Detected | Add These Commands |\n| ---------------------------- | -------------------------------------- |\n| Any Node.js | `node --version` |\n| `pnpm-lock.yaml` | `pnpm list`, `pnpm why` |\n| `yarn.lock` | `yarn list`, `yarn info`, `yarn why` |\n| `package-lock.json` | `npm list`, `npm view`, `npm outdated` |\n| TypeScript (`tsconfig.json`) | `tsc --version` |\n\n#### Other Languages\n\n| If Detected | Add These Commands |\n| -------------- | -------------------------------------------------------------------- |\n| `go.mod` | `go version`, `go list`, `go mod graph`, `go env` |\n| `Cargo.toml` | `rustc --version`, `cargo --version`, `cargo tree`, `cargo metadata` |\n| `Gemfile` | `ruby --version`, `bundle list`, `bundle show` |\n| `pom.xml` | `java --version`, `mvn --version`, `mvn dependency:tree` |\n| `build.gradle` | `java --version`, `gradle --version`, `gradle dependencies` |\n\n#### Build Tools\n\n| If Detected | Add These Commands |\n| -------------------- | -------------------------------------------------------------------- |\n| `Dockerfile` | `docker --version`, `docker ps`, `docker images` |\n| `docker-compose.yml` | `docker-compose ps`, `docker-compose config` |\n| `*.tf` files | `terraform --version`, `terraform providers`, `terraform state list` |\n| `Makefile` | `make --version`, `make -n` |\n\n### Skills (for Sentry Projects)\n\nIf this is a Sentry project (or sentry-skills plugin is installed), include:\n\n```json\n[\n \"Skill(sentry-skills:agents-md)\",\n \"Skill(sentry-skills:blog-writing-guide)\",\n \"Skill(sentry-skills:brand-guidelines)\",\n \"Skill(sentry-skills:claude-settings-audit)\",\n \"Skill(sentry-skills:code-review)\",\n \"Skill(sentry-skills:code-simplifier)\",\n \"Skill(sentry-skills:commit)\",\n \"Skill(sentry-skills:create-branch)\",\n \"Skill(sentry-skills:create-pr)\",\n \"Skill(sentry-skills:django-access-review)\",\n \"Skill(sentry-skills:django-perf-review)\",\n \"Skill(sentry-skills:doc-coauthoring)\",\n \"Skill(sentry-skills:find-bugs)\",\n \"Skill(sentry-skills:gh-review-requests)\",\n \"Skill(sentry-skills:gha-security-review)\",\n \"Skill(sentry-skills:iterate-pr)\",\n \"Skill(sentry-skills:pr-writer)\",\n \"Skill(sentry-skills:security-review)\",\n \"Skill(sentry-skills:skill-creator)\",\n \"Skill(sentry-skills:skill-scanner)\",\n \"Skill(sentry-skills:skill-writer)\",\n \"Skill(sentry-skills:sred-project-organizer)\",\n \"Skill(sentry-skills:sred-work-summary)\"\n]\n```\n\n### WebFetch Domains\n\n#### Always Include (Sentry Projects)\n\n```json\n[\n \"WebFetch(domain:docs.sentry.io)\",\n \"WebFetch(domain:develop.sentry.dev)\",\n \"WebFetch(domain:docs.github.com)\",\n \"WebFetch(domain:cli.github.com)\"\n]\n```\n\n#### Framework-Specific\n\n| If Detected | Add Domains |\n| -------------- | ----------------------------------------------- |\n| **Django** | `docs.djangoproject.com` |\n| **Flask** | `flask.palletsprojects.com` |\n| **FastAPI** | `fastapi.tiangolo.com` |\n| **React** | `react.dev` |\n| **Next.js** | `nextjs.org` |\n| **Vue** | `vuejs.org` |\n| **Express** | `expressjs.com` |\n| **Rails** | `guides.rubyonrails.org`, `api.rubyonrails.org` |\n| **Go** | `pkg.go.dev` |\n| **Rust** | `docs.rs`, `doc.rust-lang.org` |\n| **Docker** | `docs.docker.com` |\n| **Kubernetes** | `kubernetes.io` |\n| **Terraform** | `registry.terraform.io` |\n\n### MCP Server Suggestions\n\nMCP servers are configured in `.mcp.json` (not `settings.json`). Check for existing config:\n\n```bash\ncat .mcp.json 2>\u002Fdev\u002Fnull || echo \"No existing .mcp.json\"\n```\n\n#### Sentry MCP (if Sentry SDK detected)\n\nAdd to `.mcp.json` (replace `{org-slug}` and `{project-slug}` with your Sentry organization and project slugs):\n\n```json\n{\n \"mcpServers\": {\n \"sentry\": {\n \"type\": \"http\",\n \"url\": \"https:\u002F\u002Fmcp.sentry.dev\u002Fmcp\u002F{org-slug}\u002F{project-slug}\"\n }\n }\n}\n```\n\n#### Linear MCP (if Linear usage detected)\n\nAdd to `.mcp.json`:\n\n```json\n{\n \"mcpServers\": {\n \"linear\": {\n \"command\": \"npx\",\n \"args\": [\"-y\", \"@linear\u002Fmcp-server\"],\n \"env\": {\n \"LINEAR_API_KEY\": \"${LINEAR_API_KEY}\"\n }\n }\n }\n}\n```\n\n**Note**: Never suggest GitHub MCP. Always use `gh` CLI commands for GitHub.\n\n## Output Format\n\nPresent your findings as:\n\n1. **Summary Table** - What was detected\n2. **Recommended settings.json** - Complete JSON ready to copy\n3. **MCP Suggestions** - If applicable\n4. **Merge Instructions** - If existing settings found\n\nExample output structure:\n\n```markdown\n## Detected Tech Stack\n\n| Category | Found |\n| --------------- | -------------- |\n| Languages | Python 3.x |\n| Package Manager | poetry |\n| Frameworks | Django, Celery |\n| Services | Sentry |\n| Build Tools | Docker, Make |\n\n## Recommended .claude\u002Fsettings.json\n\n\\`\\`\\`json\n{\n\"permissions\": {\n\"allow\": [\n\u002F\u002F ... grouped by category with comments\n],\n\"deny\": []\n}\n}\n\\`\\`\\`\n\n## Recommended .mcp.json (if applicable)\n\nIf you use Sentry or Linear, add the MCP config to `.mcp.json`...\n```\n\n## Important Rules\n\n### What to Include\n\n- Only READ-ONLY commands that cannot modify state\n- Only tools that are actually used by the project (detected via lock files)\n- Standard system commands (ls, cat, find, etc.)\n- The `:*` suffix allows any arguments to the base command\n\n### What to NEVER Include\n\n- **Absolute paths** - Never include user-specific paths like `\u002Fhome\u002Fuser\u002Fscripts\u002Ffoo` or `\u002FUsers\u002Fname\u002Fbin\u002Fbar`\n- **Custom scripts** - Never include project scripts that may have side effects (e.g., `.\u002Fscripts\u002Fdeploy.sh`)\n- **Alternative package managers** - If the project uses pnpm, do NOT include npm\u002Fyarn commands\n- **Commands that modify state** - No install, build, run, write, or delete commands\n\n### Package Manager Rules\n\nOnly include the package manager actually used by the project:\n\n| If Detected | Include | Do NOT Include |\n| ------------------- | --------------- | -------------------------------------- |\n| `pnpm-lock.yaml` | pnpm commands | npm, yarn |\n| `yarn.lock` | yarn commands | npm, pnpm |\n| `package-lock.json` | npm commands | yarn, pnpm |\n| `poetry.lock` | poetry commands | pip (unless also has requirements.txt) |\n| `uv.lock` | uv commands | pip, poetry |\n| `Pipfile.lock` | pipenv commands | pip, poetry |\n\nIf multiple lock files exist, include only the commands for each detected manager.\n\n## Limitations\n- Use this skill only when the task clearly matches the scope described above.\n- Do not treat the output as a substitute for environment-specific validation, testing, or expert review.\n- Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.\n","","imported","https:\u002F\u002Fgithub.com\u002Fsickn33\u002Fantigravity-awesome-skills","user_system_seed","SkillOPIC",true,79,504,"2026-05-16 13:11:05",{"id":8,"name":21,"slug":22,"icon":23,"description":24,"sort":25,"createdAt":26},"编程开发","coding","mdi-code-braces","代码生成、调试、审查,提升开发效率",2,"2026-05-16 12:53:40",{"id":7,"name":28,"slug":29,"icon":30,"description":31,"moduleId":8,"sort":25,"skillCount":32,"createdAt":26},"后端开发","backend","mdi-server","API、数据库、服务端架构",296,[34],{"id":35,"skillId":4,"version":36,"fileName":37,"fileSize":38,"filePath":39,"fileHash":40,"manifest":41,"createdAt":19},"aef08bfc-f2c9-406c-8425-ff7a4f0db473","1.0.0","claude-settings-audit.zip",3857,"uploads\u002Fskills\u002F94613dda-ff86-4c39-80a2-99207a7f3b98\u002Fclaude-settings-audit.zip","474142e0595de8c2de43a240b948152303c468a7d8a4e17a3fdaf2052914dc76","[{\"path\":\"SKILL.md\",\"isDirectory\":false,\"size\":12346}]",{"code":43,"message":44,"data":45},200,"success",{"items":46,"stats":47,"page":50},[],{"averageRating":48,"totalRatings":48,"ratingCounts":49},0,[48,48,48,48,48],{"limit":51,"offset":48,"hasMore":52,"nextOffset":51,"ratedOnly":16},15,false]