Claude Settings Editor
Security checks across malware telemetry and agentic risk
Overview
This instruction-only skill is transparently focused on editing Claude configuration safely, though users should review changes because settings, hooks, MCP toggles, and permissions can affect future agent behavior.
This skill appears safe to install as an instruction-only helper. Before using it, make sure you understand which Claude settings file is being edited, ask for a diff, avoid broad permission or hook changes unless necessary, and prefer the narrowest applicable scope.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Incorrect settings or hook edits could change how Claude behaves or automates tasks in the future.
The skill directs the agent to edit configuration files that can control Claude behavior and automation hooks. This is purpose-aligned, and the workflow includes safeguards, but users should still review such changes.
Use this skill for `settings.json`, local overrides, and hook configuration.
Review the exact JSON diff before applying it, especially for hooks, plugins, or MCP server changes.
A permission-widening change could allow broader tool use or automation than intended in later sessions.
The skill can assist with permission changes that may widen the agent's future authority. The artifact explicitly requires warnings, so this is a disclosed and purpose-aligned privilege-boundary note rather than a concern.
Warn before widening permissions or changing automation hooks broadly.
Only approve least-privilege permission changes you understand, and prefer project or local scope over user-wide scope when possible.
A configuration mistake in a broader scope could carry into unrelated projects or future Claude use.
The skill recognizes that the same kind of edit may apply at different scopes. A mistake at user scope could affect more projects or sessions than intended.
Choose the correct settings file by scope: user, project, or local.
Confirm the intended scope before editing and keep backups or a clear rollback plan for configuration changes.