Settings, policy, and integrations
This page maps settings, managed policy, helper scripts, and local integrations visible in the extracted runtime.
Use Settings schema reference for the canonical settings roots/key groups and Environment variables reference for env-var-only controls. This page owns the settings/policy/integration behavior narrative.
Source anchors
| Semantic alias | Source | Approximate location | String or symbol | Meaning |
|---|---|---|---|---|
| ProjectUserSettingsSchema | cli.js | line ~185, byte 0x11b83b | .claude/settings.json | Project/user settings overlay schema text. |
| TranscriptRetentionSetting | cli.js | line ~185, byte 0x11904c | cleanupPeriodDays | Transcript retention setting. |
| ManagedUiPolicySettings | cli.js | line ~185, byte 0x11a6b4 | disableAllHooks, statusLine, disableAgentView | Managed settings/policy surfaces for hooks/status/agent view. |
| RemoteControlPolicySetting | cli.js | line ~185, byte 0x11a7e1 | disableRemoteControl | Managed policy surface for Remote Control. |
| SkillShellPolicySetting | cli.js | line ~185, byte 0x11a8f2 | disableSkillShellExecution | Managed policy surface for shell execution in skills/custom slash commands. |
| ApiKeyHelperSetting | cli.js | line ~185, byte 0x118a65 | apiKeyHelper | Settings helper script that outputs authentication values. |
| StatusLineSettingsMutation | cli.js | line ~1593, byte 0x4eddc6 | ~/.claude/settings.json | Status-line setup instructions mutate user settings. |
| SettingsInjectionFlag | cli.js | line ~19525, byte 0xdc1cba | --settings <file-or-json> | Adds settings JSON file or inline JSON for a session. |
| IdeIntegrationFlag | cli.js | line ~19525, byte 0xdc1e09 | --ide | Auto-connect IDE integration flag. |
| ChromeIntegrationFlag | cli.js | line ~19525, byte 0xdc2268 | --chrome | Chrome integration flag. |
| StartupFileResourceFlag | cli.js | line ~19525, byte 0xdc22de | --file <specs...> | Startup file-resource download integration. |
Settings layers
flowchart TD User[~/.claude/settings.json] --> Merge[Settings merge] Project[.claude/settings.json] --> Merge Local[.claude/settings.local.json] --> Merge Managed[managed settings / policy] --> Merge Flags[--settings / --managed-settings / --setting-sources] --> Merge Merge --> Runtime[Runtime config] Runtime --> Tools[Tools and permissions] Runtime --> Context[Prompt/context] Runtime --> Integrations[IDE / Chrome / MCP / plugins]Confirmed settings and policy groups
| Group | Examples | Runtime implication |
|---|---|---|
| Settings roots | ~/.claude/settings.json, .claude/settings.json, .claude/settings.local.json | User, project, and local overlays participate in runtime config. |
| Retention | cleanupPeriodDays | Controls chat transcript retention period. |
| Hooks/status line | disableAllHooks, statusLine, subagentStatusLine | Enables/disables hook and status-line execution. |
| Remote/agent policy | disableRemoteControl, disableAgentView | Managed policy can disable Remote Control and agent UI paths. |
| Skills/slash safety | disableSkillShellExecution | Replaces inline shell execution in skills/custom slash commands with placeholders. |
| Authentication helpers | apiKeyHelper, proxyAuthHelper | Lets settings point to helper scripts for credentials/proxy auth. |
| Plugin/MCP config | mcpServers, plugin marketplaces, output styles, hooks | Integrations can be contributed through settings and plugins. |
| IDE/Chrome/file resources | --ide, --chrome, --file | Adds editor/browser/file startup integration surfaces. |
Security interpretation
The settings schema exposes both capability-enabling and capability-disabling controls. This matters because the runtime accepts rich extension points—hooks, plugins, MCP, custom slash commands, status lines, helper scripts—but also exposes managed-policy switches that can disable or constrain those extension points.
Related docs
Created and maintained by Yingting Huang.