Claude settings: bare WebFetch permissions

Claude settings permissions allow bare `WebFetch` in a shared committed config

Provider: lintai-ai-security
Surface: claude_settings
Scope: per_file
Tier: stable
Severity: warn
Confidence: high
Detection: structural
Remediation: message_only

Activation Model

Preset Membership

This rule is part of the builtin activation graph through these preset memberships.

previewmembership

claudemembership

Lifecycle

Stable Lifecycle Contract

State

stable_gated

Graduation rationale

Checks shared Claude settings permissions for exact bare `WebFetch` grants.

Deterministic signal basis

ClaudeSettingsSignals exact string detection for bare `WebFetch` inside permissions.allow on parsed Claude settings JSON.

Malicious corpus

claude-settings-unscoped-tool-family

Benign corpus

claude-settings-unscoped-tool-family-specific-safe

structured evidence required remediation reviewed

Canonical note

Structural stable rule intended as a high-precision check with deterministic evidence.

Nearby Signals

Related Rules

SEC362Claude settings: wildcard Bash permissionsClaude settings permissions allow `Bash(*)` in a shared committed configclaude_settingsstable

SEC364Claude settings: bypassPermissions default modeClaude settings set `permissions.defaultMode` to `bypassPermissions` in a shared committed configclaude_settingsstable

SEC367Claude settings: wildcard WebFetch permissionsClaude settings permissions allow `WebFetch(*)` in a shared committed configclaude_settingsstable

SEC369Claude settings: wildcard Write permissionsClaude settings permissions allow `Write(*)` in a shared committed configclaude_settingsstable

SEC372Claude settings: wildcard Read permissionsClaude settings permissions allow `Read(*)` in a shared committed configclaude_settingsstable

SEC373Claude settings: wildcard Edit permissionsClaude settings permissions allow `Edit(*)` in a shared committed configclaude_settingsstable

SEC632 / CLAUDE-WEBFETCH

SEC632 flags shared committed Claude settings when permissions.allow contains the exact bare tool token WebFetch.

Why It Matters

Bare WebFetch grants unreviewed remote fetch authority without narrowing access to reviewed domains or paths.

Trigger Shape

This rule matches parsed Claude settings JSON where permissions.allow contains the exact string WebFetch.

How To Fix

Replace bare WebFetch with a narrower reviewed permission pattern such as WebFetch(domain:docs.example.com), or remove broad fetch access from the shared Claude settings file.

Claude settings: bare WebFetch permissions

Preset Membership

Stable Lifecycle Contract

Related Rules

SEC632 / CLAUDE-WEBFETCH ​

Why It Matters ​

Trigger Shape ​

How To Fix ​

SEC632 / CLAUDE-WEBFETCH

Why It Matters

Trigger Shape

How To Fix