Claude Settings Editor
v1.0.0Use when the user wants to update Claude settings, hooks, permissions, MCP server toggles, or other JSON config safely and with scope awareness.
⭐ 0· 1·0 current·0 all-time
by@wimi321
MIT-0
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The skill's name/description (edit Claude settings/hooks/permissions) align with the runtime instructions (read chosen settings file, apply minimal JSON edits). However, the registry metadata lists no required config paths even though the runtime workflow expects reading and writing settings files; that mismatch should be clarified.
Instruction Scope
SKILL.md explicitly tells the agent to 'choose the correct settings file by scope' and to 'read the current file before editing' and to write edits. Those actions are appropriate for the stated goal, but the instructions do not constrain or enumerate specific file paths, nor do they require explicit user confirmation before performing writes—this gives the agent broad discretion to access filesystem locations unless the integrating environment enforces limits.
Install Mechanism
No install spec and no code files — the skill is instruction-only, so nothing is written to disk or downloaded during install.
Credentials
The skill requests no environment variables, credentials, or config paths. That is proportionate for a local-config editing helper; the only gap is the lack of declared config paths when the instructions imply file access.
Persistence & Privilege
always is false and the skill does not request persistent presence or system-wide config changes. It does instruct file edits within its scope, which is expected for this purpose.
Assessment
This skill appears to do what it says (make small, scoped JSON edits to Claude settings) and has no installs or secret requirements, but it leaves which files to read/write unspecified. Before installing or granting the agent access: (1) confirm exactly which file paths the skill will be allowed to access; (2) require explicit user confirmation before any write; (3) back up target config files and test on non-production copies; (4) prefer a prompt that supplies the exact path and scope to the agent rather than leaving scope discovery to the agent; and (5) enable logging/auditing of any changes so you can review edits after they occur.Like a lobster shell, security has layers — review code before you run it.
claude-codeextractedlatest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
SKILL.md
Claude Settings Editor
Use this skill for settings.json, local overrides, and hook configuration.
Workflow
- Choose the correct settings file by scope: user, project, or local.
- Read the current file before editing.
- Apply the smallest valid JSON change.
- Keep permissions, hooks, plugins, and MCP configuration syntactically valid.
- Explain scope, precedence, and any risky config changes.
Guardrails
- Do not replace a config file wholesale unless necessary.
- Preserve unrelated user settings.
- Warn before widening permissions or changing automation hooks broadly.
Example Requests
- Update project hooks without breaking existing settings.
- Change Claude permissions and MCP toggles in the right settings file.
Inputs
- Requested configuration change
- Desired scope
- Existing settings state
Outputs
- Validated JSON config edits
- Scope explanation
- Risk notes for sensitive changes
Success Criteria
- Only the intended file was changed.
- JSON remains valid.
- Unrelated settings were preserved.
Non-Goals
- Blind full-file rewrites
- Silent permission broadening
Source Provenance
Derived from src/skills/bundled/updateConfig.ts.
Files
3 totalSelect a file
Select a file to preview.
Comments
Loading comments…