Permissions:
- Allow npm run/test/install, uv run/sync, docker (compose), and the
common read-only/staging git commands so routine work doesn't trigger
permission prompts.
- Deny Read/Write/Edit on uploads/ and .codegraph/ (auto-generated and
user-data paths) in addition to the existing .env*/secrets/ blocks.
Hooks:
- SessionStart: print branch, ahead/behind vs upstream, and working-tree
state at session start so context is visible immediately.
- PreToolUse (Read|Write|Edit|Bash|NotebookEdit): defence-in-depth
guard that intercepts attempts to access .env / secrets/ paths (and
bash commands targeting them) with a friendly, logged refusal on top
of the permissions.deny rules.
PostToolUse formatter is intentionally skipped — the project has no
configured formatter (per the Step 1 conventions decision).
The Stop hook (quality gate) will be configured in Step 6.
Documentation: .claude/onboarding/step2_setup/01_settings_analysis.md
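The PreToolUse guard described under Hooks, written out as an added example (this is not the repository's own hook script). It assumes the hook contract in which the event arrives as JSON on stdin with `tool_name` and `tool_input` (`file_path` for Read/Write/Edit, `notebook_path` for NotebookEdit, `command` for Bash), exit status 2 blocks the call with stderr shown to the model, and exit status 0 lets it proceed; the log location `.claude/guard.log` is also an assumption.

```python
#!/usr/bin/env python3
"""PreToolUse guard: refuse tool calls that touch .env* files or secrets/.

Constructed example of a Claude Code PreToolUse hook (assumed contract:
JSON event on stdin, exit 2 = block with stderr fed back, exit 0 = allow).
"""
import json
import os
import re
import shlex
import sys
from datetime import datetime, timezone

# Assumed log location; adjust to the project's layout.
LOG_PATH = os.environ.get("GUARD_LOG", ".claude/guard.log")

# Operators that can glue a filename onto a command inside one shell word,
# e.g. ">.env" or "cat<secrets/key".
_WORD_SPLIT = re.compile(r"[<>|;&=]+")


def is_protected_path(path: str) -> bool:
    """True for .env* (the deny glob) and for anything under secrets/."""
    parts = [p for p in os.path.normpath(path).replace("\\", "/").split("/") if p]
    if not parts:
        return False
    if parts[-1].startswith(".env"):
        return True
    return "secrets" in parts[:-1] or parts[-1] == "secrets"


def bash_targets_protected(command: str) -> list[str]:
    """Return the shell words in `command` that reference a protected path."""
    try:
        words = shlex.split(command)
    except ValueError:  # unbalanced quotes: fall back to whitespace split
        words = command.split()
    hits = []
    for word in words:
        for piece in _WORD_SPLIT.split(word):
            if piece and is_protected_path(piece):
                hits.append(piece)
    return hits


def evaluate(event: dict) -> dict:
    """Decide on one PreToolUse event. Returns {"allow": bool, "reason": str}."""
    tool = event.get("tool_name", "")
    tool_input = event.get("tool_input") or {}
    if tool in ("Read", "Write", "Edit", "NotebookEdit"):
        path = tool_input.get("file_path") or tool_input.get("notebook_path") or ""
        if path and is_protected_path(path):
            return {"allow": False,
                    "reason": f"{tool} on protected path {path!r} refused "
                              "(.env*/secrets/ are off-limits)"}
    elif tool == "Bash":
        hits = bash_targets_protected(tool_input.get("command", ""))
        if hits:
            return {"allow": False,
                    "reason": f"Bash command references protected path(s) {hits}; refused"}
    return {"allow": True, "reason": ""}


def _log(line: str) -> None:
    try:
        os.makedirs(os.path.dirname(LOG_PATH) or ".", exist_ok=True)
        with open(LOG_PATH, "a", encoding="utf-8") as fh:
            fh.write(line + "\n")
    except OSError:
        pass  # logging must never break the guard itself


def main() -> int:
    try:
        event = json.load(sys.stdin)
    except ValueError:
        # Malformed event: fall through to permissions.deny, which still applies.
        return 0
    verdict = evaluate(event)
    if verdict["allow"]:
        return 0
    stamp = datetime.now(timezone.utc).isoformat(timespec="seconds")
    _log(f"{stamp} BLOCK {event.get('tool_name')} {verdict['reason']}")
    print(f"Guard: {verdict['reason']}", file=sys.stderr)
    return 2


if __name__ == "__main__":
    sys.exit(main())
```

Registered (assumed wiring) under `hooks.PreToolUse` with the matcher `Read|Write|Edit|Bash|NotebookEdit` and a command such as `python3 .claude/hooks/guard.py`. The Bash check is deliberately word-level: it catches plain references and operator-glued ones like `cat<.env`, but not paths assembled at runtime from variables or encoded strings, which is exactly why it sits on top of the `permissions.deny` rules rather than replacing them.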