lintai docs

Appearance

Preset Reference

sidecar lanedirect activation235 direct rules

governance

Opt-in review rules for shared mutation authority and broad bare tool grants that should not read like headline security findings.

Shared authority and workflow policy review.

Explicitly turns on this rule set.

Coverage

Covered Rules

SEC303MCP config: credential env passthroughMCP configuration passes through credential environment variablesgovernancehardeningjson
SEC307Config: sensitive env forwardingConfiguration forwards sensitive environment variable referencesgovernancehardeningjson
SEC336MCP client config: broad envFileRepo-local MCP client config loads a broad dotenv-style envFilegovernancehardeningjson
SEC352AI markdown: unscoped Bash tool grantAI-native markdown frontmatter grants unscoped Bash tool accessgovernancehardeningmarkdown
SEC362Claude settings: wildcard Bash permissionsClaude settings permissions allow `Bash(*)` in a shared committed configgovernancehardeningclaude_settings
SEC364Claude settings: bypassPermissions default modeClaude settings set `permissions.defaultMode` to `bypassPermissions` in a shared committed configgovernancehardeningclaude_settings
SEC367Claude settings: wildcard WebFetch permissionsClaude settings permissions allow `WebFetch(*)` in a shared committed configgovernancehardeningclaude_settings
SEC369Claude settings: wildcard Write permissionsClaude settings permissions allow `Write(*)` in a shared committed configgovernancehardeningclaude_settings
SEC372Claude settings: wildcard Read permissionsClaude settings permissions allow `Read(*)` in a shared committed configgovernancehardeningclaude_settings
SEC373Claude settings: wildcard Edit permissionsClaude settings permissions allow `Edit(*)` in a shared committed configgovernancehardeningclaude_settings
SEC374Claude settings: wildcard WebSearch permissionsClaude settings permissions allow `WebSearch(*)` in a shared committed configgovernancehardeningclaude_settings
SEC375Claude settings: wildcard Glob permissionsClaude settings permissions allow `Glob(*)` in a shared committed configgovernancehardeningclaude_settings
SEC376Claude settings: wildcard Grep permissionsClaude settings permissions allow `Grep(*)` in a shared committed configgovernancehardeningclaude_settings
SEC384Claude settings: bare WebSearch permissionsClaude settings permissions allow bare `WebSearch` in a shared committed configgovernancehardeningclaude_settings
SEC385Claude settings: shared git push permissionsClaude settings permissions allow `Bash(git push)` in a shared committed configgovernancehardeningclaude_settings
SEC386Claude settings: shared git checkout permissionsClaude settings permissions allow `Bash(git checkout:*)` in a shared committed configgovernancehardeningclaude_settings
SEC387Claude settings: shared git commit permissionsClaude settings permissions allow `Bash(git commit:*)` in a shared committed configgovernancehardeningclaude_settings
SEC388Claude settings: shared git stash permissionsClaude settings permissions allow `Bash(git stash:*)` in a shared committed configgovernancehardeningclaude_settings
SEC389AI markdown: bare WebSearch tool grantAI-native markdown frontmatter grants bare `WebSearch` tool accessgovernancehardeningmarkdown
SEC390AI markdown: shared git push tool grantAI-native markdown frontmatter grants `Bash(git push)` tool accessgovernancehardeningmarkdown
SEC391AI markdown: shared git checkout tool grantAI-native markdown frontmatter grants `Bash(git checkout:*)` tool accessgovernancehardeningmarkdown
SEC392AI markdown: shared git commit tool grantAI-native markdown frontmatter grants `Bash(git commit:*)` tool accessgovernancehardeningmarkdown
SEC393AI markdown: shared git stash tool grantAI-native markdown frontmatter grants `Bash(git stash:*)` tool accessgovernancehardeningmarkdown
SEC394MCP config: wildcard auto-approveMCP configuration auto-approves all tools with `autoApprove: ["*"]`governancehardeningjson
SEC395MCP config: autoApproveTools trueMCP configuration auto-approves all tools with `autoApproveTools: true`governancehardeningjson
SEC396MCP config: trustTools trueMCP configuration fully trusts tools with `trustTools: true`governancehardeningjson
SEC397MCP config: sandbox disabledMCP configuration disables sandboxing with `sandbox: false` or `disableSandbox: true`governancehardeningjson
SEC398MCP config: wildcard capabilitiesMCP configuration grants all capabilities with `capabilities: ["*"]` or `capabilities: "*"`governancehardeningjson
SEC399Claude settings: shared npx Bash permissionsClaude settings permissions allow `Bash(npx ...)` in a shared committed configgovernancehardeningclaude_settings
SEC400Claude settings: shared enabledMcpjsonServersClaude settings enable `enabledMcpjsonServers` in a shared committed configgovernancehardeningclaude_settings
SEC404AI markdown: bare WebFetch tool grantAI-native markdown frontmatter grants bare `WebFetch` tool accessgovernancehardeningmarkdown
SEC405Claude settings: shared package install permissionsClaude settings permissions allow package installation commands in a shared committed configgovernancehardeningclaude_settings
SEC406Claude settings: shared git add permissionsClaude settings permissions allow `Bash(git add:*)` in a shared committed configgovernancehardeningclaude_settings
SEC407Claude settings: shared git clone permissionsClaude settings permissions allow `Bash(git clone:*)` in a shared committed configgovernancehardeningclaude_settings
SEC408Claude settings: shared gh pr permissionsClaude settings permissions allow `Bash(gh pr:*)` in a shared committed configgovernancehardeningclaude_settings
SEC409Claude settings: shared git fetch permissionsClaude settings permissions allow `Bash(git fetch:*)` in a shared committed configgovernancehardeningclaude_settings
SEC410Claude settings: shared git ls-remote permissionsClaude settings permissions allow `Bash(git ls-remote:*)` in a shared committed configgovernancehardeningclaude_settings
SEC411Claude settings: shared curl permissionsClaude settings permissions allow `Bash(curl:*)` in a shared committed configgovernancehardeningclaude_settings
SEC412Claude settings: shared wget permissionsClaude settings permissions allow `Bash(wget:*)` in a shared committed configgovernancehardeningclaude_settings
SEC413Claude settings: shared git config permissionsClaude settings permissions allow `Bash(git config:*)` in a shared committed configgovernancehardeningclaude_settings
SEC414Claude settings: shared git tag permissionsClaude settings permissions allow `Bash(git tag:*)` in a shared committed configgovernancehardeningclaude_settings
SEC415Claude settings: shared git branch permissionsClaude settings permissions allow `Bash(git branch:*)` in a shared committed configgovernancehardeningclaude_settings
SEC418Claude settings: shared raw.githubusercontent.com WebFetch permissionsClaude settings permissions allow `WebFetch(domain:raw.githubusercontent.com)` in a shared committed configgovernancehardeningclaude_settings
SEC419AI markdown: `Bash(curl:*)` tool grantAI-native markdown frontmatter grants `Bash(curl:*)` authoritygovernancehardeningmarkdown
SEC420AI markdown: `Bash(wget:*)` tool grantAI-native markdown frontmatter grants `Bash(wget:*)` authoritygovernancehardeningmarkdown
SEC421AI markdown: `Bash(git clone:*)` tool grantAI-native markdown frontmatter grants `Bash(git clone:*)` authoritygovernancehardeningmarkdown
SEC423AI markdown: bare Read tool grantAI-native markdown frontmatter grants bare `Read` tool accessgovernancehardeningmarkdown
SEC424AI markdown: bare Write tool grantAI-native markdown frontmatter grants bare `Write` tool accessgovernancehardeningmarkdown
SEC425AI markdown: bare Edit tool grantAI-native markdown frontmatter grants bare `Edit` tool accessgovernancehardeningmarkdown
SEC426AI markdown: bare Glob tool grantAI-native markdown frontmatter grants bare `Glob` tool accessgovernancehardeningmarkdown
SEC427AI markdown: bare Grep tool grantAI-native markdown frontmatter grants bare `Grep` tool accessgovernancehardeningmarkdown
SEC428AI markdown: unsafe Read path grantAI-native markdown frontmatter grants `Read(...)` over an unsafe repo-external pathgovernancehardeningmarkdown
SEC429AI markdown: unsafe Write path grantAI-native markdown frontmatter grants `Write(...)` over an unsafe repo-external pathgovernancehardeningmarkdown
SEC430AI markdown: unsafe Edit path grantAI-native markdown frontmatter grants `Edit(...)` over an unsafe repo-external pathgovernancehardeningmarkdown
SEC431AI markdown: unsafe Glob path grantAI-native markdown frontmatter grants `Glob(...)` over an unsafe repo-external pathgovernancehardeningmarkdown
SEC432AI markdown: `Bash(git add:*)` tool grantAI-native markdown frontmatter grants `Bash(git add:*)` authoritygovernancehardeningmarkdown
SEC433AI markdown: `Bash(git fetch:*)` tool grantAI-native markdown frontmatter grants `Bash(git fetch:*)` authoritygovernancehardeningmarkdown
SEC434AI markdown: raw.githubusercontent.com WebFetch grantAI-native markdown frontmatter grants `WebFetch(domain:raw.githubusercontent.com)` authoritygovernancehardeningmarkdown
SEC435AI markdown: `Bash(git config:*)` tool grantAI-native markdown frontmatter grants `Bash(git config:*)` authoritygovernancehardeningmarkdown
SEC436AI markdown: `Bash(git tag:*)` tool grantAI-native markdown frontmatter grants `Bash(git tag:*)` authoritygovernancehardeningmarkdown
SEC437AI markdown: `Bash(git branch:*)` tool grantAI-native markdown frontmatter grants `Bash(git branch:*)` authoritygovernancehardeningmarkdown
SEC438AI markdown: `Bash(git reset:*)` tool grantAI-native markdown frontmatter grants `Bash(git reset:*)` authoritygovernancehardeningmarkdown
SEC439AI markdown: `Bash(git clean:*)` tool grantAI-native markdown frontmatter grants `Bash(git clean:*)` authoritygovernancehardeningmarkdown
SEC440AI markdown: `Bash(git restore:*)` tool grantAI-native markdown frontmatter grants `Bash(git restore:*)` authoritygovernancehardeningmarkdown
SEC441AI markdown: `Bash(git rebase:*)` tool grantAI-native markdown frontmatter grants `Bash(git rebase:*)` authoritygovernancehardeningmarkdown
SEC442AI markdown: `Bash(git merge:*)` tool grantAI-native markdown frontmatter grants `Bash(git merge:*)` authoritygovernancehardeningmarkdown
SEC443AI markdown: `Bash(git cherry-pick:*)` tool grantAI-native markdown frontmatter grants `Bash(git cherry-pick:*)` authoritygovernancehardeningmarkdown
SEC444AI markdown: `Bash(git apply:*)` tool grantAI-native markdown frontmatter grants `Bash(git apply:*)` authoritygovernancehardeningmarkdown
SEC445AI markdown: `Bash(git am:*)` tool grantAI-native markdown frontmatter grants `Bash(git am:*)` authoritygovernancehardeningmarkdown
SEC447AI markdown: package installation tool grantAI-native markdown frontmatter grants package installation authoritygovernancehardeningmarkdown
SEC463AI markdown: `Bash(sudo:*)` tool grantAI-native markdown frontmatter grants `Bash(sudo:*)` authoritygovernancehardeningmarkdown
SEC466AI markdown: `Bash(rm:*)` tool grantAI-native markdown frontmatter grants `Bash(rm:*)` authoritygovernancehardeningmarkdown
SEC467AI markdown: `Bash(chmod:*)` tool grantAI-native markdown frontmatter grants `Bash(chmod:*)` authoritygovernancehardeningmarkdown
SEC468AI markdown: `Bash(chown:*)` tool grantAI-native markdown frontmatter grants `Bash(chown:*)` authoritygovernancehardeningmarkdown
SEC469AI markdown: `Bash(chgrp:*)` tool grantAI-native markdown frontmatter grants `Bash(chgrp:*)` authoritygovernancehardeningmarkdown
SEC470AI markdown: `Bash(su:*)` tool grantAI-native markdown frontmatter grants `Bash(su:*)` authoritygovernancehardeningmarkdown
SEC474AI markdown: shared gh pr tool grantAI-native markdown frontmatter grants `Bash(gh pr:*)` tool accessgovernancehardeningmarkdown
SEC475Claude settings: unsafe Read path permissionsClaude settings permissions allow `Read(...)` over an unsafe path in a shared committed configgovernancehardeningclaude_settings
SEC476Claude settings: unsafe Write path permissionsClaude settings permissions allow `Write(...)` over an unsafe path in a shared committed configgovernancehardeningclaude_settings
SEC477Claude settings: unsafe Edit path permissionsClaude settings permissions allow `Edit(...)` over an unsafe path in a shared committed configgovernancehardeningclaude_settings
SEC478Claude settings: shared git reset permissionsClaude settings permissions allow `Bash(git reset:*)` in a shared committed configgovernancehardeningclaude_settings
SEC479Claude settings: shared git clean permissionsClaude settings permissions allow `Bash(git clean:*)` in a shared committed configgovernancehardeningclaude_settings
SEC480Claude settings: shared git restore permissionsClaude settings permissions allow `Bash(git restore:*)` in a shared committed configgovernancehardeningclaude_settings
SEC481Claude settings: shared git rebase permissionsClaude settings permissions allow `Bash(git rebase:*)` in a shared committed configgovernancehardeningclaude_settings
SEC482Claude settings: shared git merge permissionsClaude settings permissions allow `Bash(git merge:*)` in a shared committed configgovernancehardeningclaude_settings
SEC483Claude settings: shared git cherry-pick permissionsClaude settings permissions allow `Bash(git cherry-pick:*)` in a shared committed configgovernancehardeningclaude_settings
SEC484Claude settings: shared git apply permissionsClaude settings permissions allow `Bash(git apply:*)` in a shared committed configgovernancehardeningclaude_settings
SEC485Claude settings: shared git am permissionsClaude settings permissions allow `Bash(git am:*)` in a shared committed configgovernancehardeningclaude_settings
SEC486Claude settings: unsafe Glob path permissionsClaude settings permissions allow `Glob(...)` over an unsafe path in a shared committed configgovernancehardeningclaude_settings
SEC487Claude settings: unsafe Grep path permissionsClaude settings permissions allow `Grep(...)` over an unsafe path in a shared committed configgovernancehardeningclaude_settings
SEC488Claude settings: shared uvx Bash permissionsClaude settings permissions allow `Bash(uvx ...)` in a shared committed configgovernancehardeningclaude_settings
SEC489Claude settings: shared pnpm dlx Bash permissionsClaude settings permissions allow `Bash(pnpm dlx ...)` in a shared committed configgovernancehardeningclaude_settings
SEC490Claude settings: shared yarn dlx Bash permissionsClaude settings permissions allow `Bash(yarn dlx ...)` in a shared committed configgovernancehardeningclaude_settings
SEC491Claude settings: shared pipx run Bash permissionsClaude settings permissions allow `Bash(pipx run ...)` in a shared committed configgovernancehardeningclaude_settings
SEC492Claude settings: shared npm exec Bash permissionsClaude settings permissions allow `Bash(npm exec ...)` in a shared committed configgovernancehardeningclaude_settings
SEC493Claude settings: shared bunx Bash permissionsClaude settings permissions allow `Bash(bunx ...)` in a shared committed configgovernancehardeningclaude_settings
SEC494AI markdown: shared npm exec tool grantAI-native markdown frontmatter grants `Bash(npm exec:*)` tool accessgovernancehardeningmarkdown
SEC495AI markdown: shared bunx tool grantAI-native markdown frontmatter grants `Bash(bunx:*)` tool accessgovernancehardeningmarkdown
SEC496AI markdown: shared uvx tool grantAI-native markdown frontmatter grants `Bash(uvx:*)` tool accessgovernancehardeningmarkdown
SEC497AI markdown: shared pnpm dlx tool grantAI-native markdown frontmatter grants `Bash(pnpm dlx:*)` tool accessgovernancehardeningmarkdown
SEC498AI markdown: shared yarn dlx tool grantAI-native markdown frontmatter grants `Bash(yarn dlx:*)` tool accessgovernancehardeningmarkdown
SEC499AI markdown: shared pipx run tool grantAI-native markdown frontmatter grants `Bash(pipx run:*)` tool accessgovernancehardeningmarkdown
SEC500AI markdown: shared npx tool grantAI-native markdown frontmatter grants `Bash(npx:*)` tool accessgovernancehardeningmarkdown
SEC501AI markdown: shared git ls-remote tool grantAI-native markdown frontmatter grants `Bash(git ls-remote:*)` tool accessgovernancehardeningmarkdown
SEC502Claude settings: shared gh api POST permissionsClaude settings permissions allow `Bash(gh api --method POST:*)` in a shared committed configgovernancehardeningclaude_settings
SEC503Claude settings: shared gh issue create permissionsClaude settings permissions allow `Bash(gh issue create:*)` in a shared committed configgovernancehardeningclaude_settings
SEC504Claude settings: shared gh repo create permissionsClaude settings permissions allow `Bash(gh repo create:*)` in a shared committed configgovernancehardeningclaude_settings
SEC505AI markdown: shared gh api POST tool grantAI-native markdown frontmatter grants `Bash(gh api --method POST:*)` tool accessgovernancehardeningmarkdown
SEC506AI markdown: shared gh issue create tool grantAI-native markdown frontmatter grants `Bash(gh issue create:*)` tool accessgovernancehardeningmarkdown
SEC507AI markdown: shared gh repo create tool grantAI-native markdown frontmatter grants `Bash(gh repo create:*)` tool accessgovernancehardeningmarkdown
SEC508Claude settings: shared gh secret set permissionsClaude settings permissions allow `Bash(gh secret set:*)` in a shared committed configgovernancehardeningclaude_settings
SEC509Claude settings: shared gh variable set permissionsClaude settings permissions allow `Bash(gh variable set:*)` in a shared committed configgovernancehardeningclaude_settings
SEC510Claude settings: shared gh workflow run permissionsClaude settings permissions allow `Bash(gh workflow run:*)` in a shared committed configgovernancehardeningclaude_settings
SEC511AI markdown: shared gh secret set tool grantAI-native markdown frontmatter grants `Bash(gh secret set:*)` tool accessgovernancehardeningmarkdown
SEC512AI markdown: shared gh variable set tool grantAI-native markdown frontmatter grants `Bash(gh variable set:*)` tool accessgovernancehardeningmarkdown
SEC513AI markdown: shared gh workflow run tool grantAI-native markdown frontmatter grants `Bash(gh workflow run:*)` tool accessgovernancehardeningmarkdown
SEC514Claude settings: shared gh secret delete permissionsClaude settings permissions allow `Bash(gh secret delete:*)` in a shared committed configgovernancehardeningclaude_settings
SEC515Claude settings: shared gh variable delete permissionsClaude settings permissions allow `Bash(gh variable delete:*)` in a shared committed configgovernancehardeningclaude_settings
SEC516Claude settings: shared gh workflow disable permissionsClaude settings permissions allow `Bash(gh workflow disable:*)` in a shared committed configgovernancehardeningclaude_settings
SEC517AI markdown: shared gh secret delete tool grantAI-native markdown frontmatter grants `Bash(gh secret delete:*)` tool accessgovernancehardeningmarkdown
SEC518AI markdown: shared gh variable delete tool grantAI-native markdown frontmatter grants `Bash(gh variable delete:*)` tool accessgovernancehardeningmarkdown
SEC519AI markdown: shared gh workflow disable tool grantAI-native markdown frontmatter grants `Bash(gh workflow disable:*)` tool accessgovernancehardeningmarkdown
SEC520AI markdown: `Read(*)` wildcard tool grantAI-native markdown frontmatter grants `Read(*)` wildcard accessgovernancehardeningmarkdown
SEC521AI markdown: `Write(*)` wildcard tool grantAI-native markdown frontmatter grants `Write(*)` wildcard accessgovernancehardeningmarkdown
SEC522AI markdown: `Edit(*)` wildcard tool grantAI-native markdown frontmatter grants `Edit(*)` wildcard accessgovernancehardeningmarkdown
SEC523AI markdown: `Glob(*)` wildcard tool grantAI-native markdown frontmatter grants `Glob(*)` wildcard accessgovernancehardeningmarkdown
SEC524AI markdown: `Grep(*)` wildcard tool grantAI-native markdown frontmatter grants `Grep(*)` wildcard accessgovernancehardeningmarkdown
SEC525AI markdown: `WebFetch(*)` wildcard tool grantAI-native markdown frontmatter grants `WebFetch(*)` wildcard accessgovernancehardeningmarkdown
SEC526AI markdown: `WebSearch(*)` wildcard tool grantAI-native markdown frontmatter grants `WebSearch(*)` wildcard accessgovernancehardeningmarkdown
SEC527AI markdown: `Bash(*)` wildcard tool grantAI-native markdown frontmatter grants `Bash(*)` wildcard accessgovernancehardeningmarkdown
SEC528Claude settings: shared gh api DELETE permissionsClaude settings permissions allow `Bash(gh api --method DELETE:*)` in a shared committed configgovernancehardeningclaude_settings
SEC529AI markdown: shared gh api DELETE tool grantAI-native markdown frontmatter grants `Bash(gh api --method DELETE:*)` tool accessgovernancehardeningmarkdown
SEC530Claude settings: shared gh api PATCH permissionsClaude settings permissions allow `Bash(gh api --method PATCH:*)` in a shared committed configgovernancehardeningclaude_settings
SEC531Claude settings: shared gh api PUT permissionsClaude settings permissions allow `Bash(gh api --method PUT:*)` in a shared committed configgovernancehardeningclaude_settings
SEC532AI markdown: shared gh api PATCH tool grantAI-native markdown frontmatter grants `Bash(gh api --method PATCH:*)` tool accessgovernancehardeningmarkdown
SEC533AI markdown: shared gh api PUT tool grantAI-native markdown frontmatter grants `Bash(gh api --method PUT:*)` tool accessgovernancehardeningmarkdown
SEC534Claude settings: shared gh repo delete permissionsClaude settings permissions allow `Bash(gh repo delete:*)` in a shared committed configgovernancehardeningclaude_settings
SEC535AI markdown: shared gh repo delete tool grantAI-native markdown frontmatter grants `Bash(gh repo delete:*)` tool accessgovernancehardeningmarkdown
SEC536Claude settings: shared gh release delete permissionsClaude settings permissions allow `Bash(gh release delete:*)` in a shared committed configgovernancehardeningclaude_settings
SEC537AI markdown: shared gh release delete tool grantAI-native markdown frontmatter grants `Bash(gh release delete:*)` tool accessgovernancehardeningmarkdown
SEC538Claude settings: shared gh repo edit permissionsClaude settings permissions allow `Bash(gh repo edit:*)` in a shared committed configgovernancehardeningclaude_settings
SEC539AI markdown: shared gh repo edit tool grantAI-native markdown frontmatter grants `Bash(gh repo edit:*)` tool accessgovernancehardeningmarkdown
SEC540Claude settings: shared gh release create permissionsClaude settings permissions allow `Bash(gh release create:*)` in a shared committed configgovernancehardeningclaude_settings
SEC541AI markdown: shared gh release create tool grantAI-native markdown frontmatter grants `Bash(gh release create:*)` tool accessgovernancehardeningmarkdown
SEC542Claude settings: shared gh repo transfer permissionsClaude settings permissions allow `Bash(gh repo transfer:*)` in a shared committed configgovernancehardeningclaude_settings
SEC543AI markdown: shared gh repo transfer tool grantAI-native markdown frontmatter grants `Bash(gh repo transfer:*)` tool accessgovernancehardeningmarkdown
SEC544Claude settings: shared gh release upload permissionsClaude settings permissions allow `Bash(gh release upload:*)` in a shared committed configgovernancehardeningclaude_settings
SEC545AI markdown: shared gh release upload tool grantAI-native markdown frontmatter grants `Bash(gh release upload:*)` tool accessgovernancehardeningmarkdown
SEC546MCP config: Bash(*) auto-approveMCP configuration auto-approves blanket shell execution with `autoApprove: ["Bash(*)"]`governancehardeningjson
SEC547MCP config: curl auto-approveMCP configuration auto-approves `Bash(curl:*)` through `autoApprove`governancehardeningjson
SEC548MCP config: wget auto-approveMCP configuration auto-approves `Bash(wget:*)` through `autoApprove`governancehardeningjson
SEC549MCP config: sudo auto-approveMCP configuration auto-approves `Bash(sudo:*)` through `autoApprove`governancehardeningjson
SEC550MCP config: rm auto-approveMCP configuration auto-approves `Bash(rm:*)` through `autoApprove`governancehardeningjson
SEC551MCP config: git push auto-approveMCP configuration auto-approves `Bash(git push)` through `autoApprove`governancehardeningjson
SEC552MCP config: gh api POST auto-approveMCP configuration auto-approves `Bash(gh api --method POST:*)` through `autoApprove`governancehardeningjson
SEC553MCP config: git checkout auto-approveMCP configuration auto-approves `Bash(git checkout:*)` through `autoApprove`governancehardeningjson
SEC554MCP config: git commit auto-approveMCP configuration auto-approves `Bash(git commit:*)` through `autoApprove`governancehardeningjson
SEC555MCP config: git reset auto-approveMCP configuration auto-approves `Bash(git reset:*)` through `autoApprove`governancehardeningjson
SEC556MCP config: git clean auto-approveMCP configuration auto-approves `Bash(git clean:*)` through `autoApprove`governancehardeningjson
SEC557MCP config: gh api DELETE auto-approveMCP configuration auto-approves `Bash(gh api --method DELETE:*)` through `autoApprove`governancehardeningjson
SEC558MCP config: gh api PATCH auto-approveMCP configuration auto-approves `Bash(gh api --method PATCH:*)` through `autoApprove`governancehardeningjson
SEC559MCP config: gh api PUT auto-approveMCP configuration auto-approves `Bash(gh api --method PUT:*)` through `autoApprove`governancehardeningjson
SEC560MCP config: gh issue create auto-approveMCP configuration auto-approves `Bash(gh issue create:*)` through `autoApprove`governancehardeningjson
SEC561MCP config: gh repo create auto-approveMCP configuration auto-approves `Bash(gh repo create:*)` through `autoApprove`governancehardeningjson
SEC562MCP config: gh repo delete auto-approveMCP configuration auto-approves `Bash(gh repo delete:*)` through `autoApprove`governancehardeningjson
SEC563MCP config: gh repo edit auto-approveMCP configuration auto-approves `Bash(gh repo edit:*)` through `autoApprove`governancehardeningjson
SEC564MCP config: gh secret set auto-approveMCP configuration auto-approves `Bash(gh secret set:*)` through `autoApprove`governancehardeningjson
SEC565MCP config: gh variable set auto-approveMCP configuration auto-approves `Bash(gh variable set:*)` through `autoApprove`governancehardeningjson
SEC566MCP config: gh workflow run auto-approveMCP configuration auto-approves `Bash(gh workflow run:*)` through `autoApprove`governancehardeningjson
SEC567MCP config: Read wildcard auto-approveMCP configuration auto-approves `Read(*)` through `autoApprove`governancehardeningjson
SEC568MCP config: Write wildcard auto-approveMCP configuration auto-approves `Write(*)` through `autoApprove`governancehardeningjson
SEC569MCP config: Edit wildcard auto-approveMCP configuration auto-approves `Edit(*)` through `autoApprove`governancehardeningjson
SEC570MCP config: Glob wildcard auto-approveMCP configuration auto-approves `Glob(*)` through `autoApprove`governancehardeningjson
SEC571MCP config: Grep wildcard auto-approveMCP configuration auto-approves `Grep(*)` through `autoApprove`governancehardeningjson
SEC572MCP config: WebFetch wildcard auto-approveMCP configuration auto-approves `WebFetch(*)` through `autoApprove`governancehardeningjson
SEC573MCP config: WebSearch wildcard auto-approveMCP configuration auto-approves `WebSearch(*)` through `autoApprove`governancehardeningjson
SEC574MCP config: Read unsafe path auto-approveMCP configuration auto-approves `Read(...)` over an unsafe path through `autoApprove`governancehardeningjson
SEC575MCP config: Write unsafe path auto-approveMCP configuration auto-approves `Write(...)` over an unsafe path through `autoApprove`governancehardeningjson
SEC576MCP config: Edit unsafe path auto-approveMCP configuration auto-approves `Edit(...)` over an unsafe path through `autoApprove`governancehardeningjson
SEC577MCP config: Glob unsafe path auto-approveMCP configuration auto-approves `Glob(...)` over an unsafe path through `autoApprove`governancehardeningjson
SEC578MCP config: Grep unsafe path auto-approveMCP configuration auto-approves `Grep(...)` over an unsafe path through `autoApprove`governancehardeningjson
SEC579MCP config: gh secret delete auto-approveMCP configuration auto-approves `Bash(gh secret delete:*)` through `autoApprove`governancehardeningjson
SEC580MCP config: gh variable delete auto-approveMCP configuration auto-approves `Bash(gh variable delete:*)` through `autoApprove`governancehardeningjson
SEC581MCP config: gh workflow disable auto-approveMCP configuration auto-approves `Bash(gh workflow disable:*)` through `autoApprove`governancehardeningjson
SEC582MCP config: gh repo transfer auto-approveMCP configuration auto-approves `Bash(gh repo transfer:*)` through `autoApprove`governancehardeningjson
SEC583MCP config: gh release create auto-approveMCP configuration auto-approves `Bash(gh release create:*)` through `autoApprove`governancehardeningjson
SEC584MCP config: gh release delete auto-approveMCP configuration auto-approves `Bash(gh release delete:*)` through `autoApprove`governancehardeningjson
SEC585MCP config: gh release upload auto-approveMCP configuration auto-approves `Bash(gh release upload:*)` through `autoApprove`governancehardeningjson
SEC586MCP config: npx auto-approveMCP configuration auto-approves `Bash(npx ...)` through `autoApprove`governancehardeningjson
SEC587MCP config: uvx auto-approveMCP configuration auto-approves `Bash(uvx ...)` through `autoApprove`governancehardeningjson
SEC588MCP config: npm exec auto-approveMCP configuration auto-approves `Bash(npm exec ...)` through `autoApprove`governancehardeningjson
SEC589MCP config: bunx auto-approveMCP configuration auto-approves `Bash(bunx ...)` through `autoApprove`governancehardeningjson
SEC590MCP config: pnpm dlx auto-approveMCP configuration auto-approves `Bash(pnpm dlx ...)` through `autoApprove`governancehardeningjson
SEC591MCP config: yarn dlx auto-approveMCP configuration auto-approves `Bash(yarn dlx ...)` through `autoApprove`governancehardeningjson
SEC592MCP config: pipx run auto-approveMCP configuration auto-approves `Bash(pipx run ...)` through `autoApprove`governancehardeningjson
SEC593MCP config: package install auto-approveMCP configuration auto-approves package installation commands through `autoApprove`governancehardeningjson
SEC594MCP config: git clone auto-approveMCP configuration auto-approves `Bash(git clone:*)` through `autoApprove`governancehardeningjson
SEC595MCP config: git fetch auto-approveMCP configuration auto-approves `Bash(git fetch:*)` through `autoApprove`governancehardeningjson
SEC596MCP config: git ls-remote auto-approveMCP configuration auto-approves `Bash(git ls-remote:*)` through `autoApprove`governancehardeningjson
SEC597MCP config: git add auto-approveMCP configuration auto-approves `Bash(git add:*)` through `autoApprove`governancehardeningjson
SEC598MCP config: git config auto-approveMCP configuration auto-approves `Bash(git config:*)` through `autoApprove`governancehardeningjson
SEC599MCP config: git tag auto-approveMCP configuration auto-approves `Bash(git tag:*)` through `autoApprove`governancehardeningjson
SEC600MCP config: git branch auto-approveMCP configuration auto-approves `Bash(git branch:*)` through `autoApprove`governancehardeningjson
SEC601MCP config: gh pr auto-approveMCP configuration auto-approves `Bash(gh pr:*)` through `autoApprove`governancehardeningjson
SEC602MCP config: git stash auto-approveMCP configuration auto-approves `Bash(git stash:*)` through `autoApprove`governancehardeningjson
SEC603MCP config: git restore auto-approveMCP configuration auto-approves `Bash(git restore:*)` through `autoApprove`governancehardeningjson
SEC604MCP config: git rebase auto-approveMCP configuration auto-approves `Bash(git rebase:*)` through `autoApprove`governancehardeningjson
SEC605MCP config: git merge auto-approveMCP configuration auto-approves `Bash(git merge:*)` through `autoApprove`governancehardeningjson
SEC606MCP config: git cherry-pick auto-approveMCP configuration auto-approves `Bash(git cherry-pick:*)` through `autoApprove`governancehardeningjson
SEC607MCP config: git apply auto-approveMCP configuration auto-approves `Bash(git apply:*)` through `autoApprove`governancehardeningjson
SEC608MCP config: git am auto-approveMCP configuration auto-approves `Bash(git am:*)` through `autoApprove`governancehardeningjson
SEC609MCP config: crontab auto-approveMCP configuration auto-approves `Bash(crontab:*)` through `autoApprove`governancehardeningjson
SEC610MCP config: systemctl enable auto-approveMCP configuration auto-approves `Bash(systemctl enable:*)` through `autoApprove`governancehardeningjson
SEC611MCP config: launchctl load auto-approveMCP configuration auto-approves `Bash(launchctl load:*)` through `autoApprove`governancehardeningjson
SEC612MCP config: launchctl bootstrap auto-approveMCP configuration auto-approves `Bash(launchctl bootstrap:*)` through `autoApprove`governancehardeningjson
SEC613MCP config: chmod auto-approveMCP configuration auto-approves `Bash(chmod:*)` through `autoApprove`governancehardeningjson
SEC614MCP config: chown auto-approveMCP configuration auto-approves `Bash(chown:*)` through `autoApprove`governancehardeningjson
SEC615MCP config: chgrp auto-approveMCP configuration auto-approves `Bash(chgrp:*)` through `autoApprove`governancehardeningjson
SEC616MCP config: su auto-approveMCP configuration auto-approves `Bash(su:*)` through `autoApprove`governancehardeningjson
SEC617MCP config: raw.githubusercontent.com WebFetch auto-approveMCP configuration auto-approves `WebFetch(domain:raw.githubusercontent.com)` through `autoApprove`governancehardeningjson
SEC618MCP config: bare Read auto-approveMCP configuration auto-approves bare `Read` through `autoApprove`governancehardeningjson
SEC619MCP config: bare Write auto-approveMCP configuration auto-approves bare `Write` through `autoApprove`governancehardeningjson
SEC620MCP config: bare Edit auto-approveMCP configuration auto-approves bare `Edit` through `autoApprove`governancehardeningjson
SEC621MCP config: bare Glob auto-approveMCP configuration auto-approves bare `Glob` through `autoApprove`governancehardeningjson
SEC622MCP config: bare Grep auto-approveMCP configuration auto-approves bare `Grep` through `autoApprove`governancehardeningjson
SEC623MCP config: bare WebFetch auto-approveMCP configuration auto-approves bare `WebFetch` through `autoApprove`governancehardeningjson
SEC624MCP config: bare WebSearch auto-approveMCP configuration auto-approves bare `WebSearch` through `autoApprove`governancehardeningjson
SEC625MCP config: bare Bash auto-approveMCP configuration auto-approves bare `Bash` through `autoApprove`governancehardeningjson
SEC626Claude settings: bare Bash permissionsClaude settings permissions allow bare `Bash` in a shared committed configgovernancehardeningclaude_settings
SEC627Claude settings: bare Read permissionsClaude settings permissions allow bare `Read` in a shared committed configgovernancehardeningclaude_settings
SEC628Claude settings: bare Write permissionsClaude settings permissions allow bare `Write` in a shared committed configgovernancehardeningclaude_settings
SEC629Claude settings: bare Edit permissionsClaude settings permissions allow bare `Edit` in a shared committed configgovernancehardeningclaude_settings
SEC630Claude settings: bare Glob permissionsClaude settings permissions allow bare `Glob` in a shared committed configgovernancehardeningclaude_settings
SEC631Claude settings: bare Grep permissionsClaude settings permissions allow bare `Grep` in a shared committed configgovernancehardeningclaude_settings
SEC632Claude settings: bare WebFetch permissionsClaude settings permissions allow bare `WebFetch` in a shared committed configgovernancehardeningclaude_settings

What This Preset Enables

The governance preset enables opt-in review rules for shared authority decisions that are structurally detectable, but should not be framed as headline security findings by default.

This includes both:

  • shared mutation authority such as Git publication or repository-changing commands
  • broad default read, write, edit, search, discovery, and fetch grants in checked-in AI-native frontmatter
  • shared workflow permissions such as curl, wget, git clone, git add, npx, or similar command grants in committed AI settings, Claude settings, and frontmatter

When To Use It

Use it when you want lintai to review repo-wide defaults such as shared Git mutation authority, shared workflow command grants, or broad bare tool grants in committed AI settings, Claude settings, and allowed-tools, especially in teams that care about least privilege and workflow design in checked-in agent instructions.

Tradeoffs

These checks are intentionally separate from both recommended and preview. They are precise, but some findings can still be legitimate workflow choices that need explicit review rather than automatic escalation.