From 2fdd30bf04d6483085cd9b31f0419ebacd011911 Mon Sep 17 00:00:00 2001
From: Bryan Ramos <bryan@ramos.codes>
Date: Wed, 1 Apr 2026 16:56:54 -0400
Subject: [PATCH] fix: add schema, Bash deny rules for secrets, fix git push -f
 glob

---
 settings.json | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/settings.json b/settings.json
index 51faf3c..b43dea1 100644
--- a/settings.json
+++ b/settings.json
@@ -1,4 +1,5 @@
 {
+  "$schema": "https://json.schemastore.org/claude-code-settings.json",
   "permissions": {
     "allow": [
       "Bash",
@@ -14,7 +15,7 @@
       "Bash(rm *)",
       "Bash(rmdir *)",
       "Bash(git push --force*)",
-      "Bash(git push -f *)",
+      "Bash(git push -f*)",
       "Bash(git reset --hard*)",
       "Bash(git clean *)",
       "Bash(chmod *)",
@@ -31,7 +32,14 @@
       "Read(~/.aws/**)",
       "Read(~/.gnupg/**)",
       "Read(./.env)",
-      "Read(./.env.*)"
+      "Read(./.env.*)",
+      "Bash(cat ~/.ssh/*)",
+      "Bash(cat ~/.aws/*)",
+      "Bash(cat ~/.gnupg/*)",
+      "Bash(cat .env*)",
+      "Bash(less ~/.ssh/*)",
+      "Bash(less ~/.aws/*)",
+      "Bash(less ~/.gnupg/*)"
     ]
   },
   "model": "sonnet",