@curdx/flow 2.2.0 → 2.2.4

package/cli/lib/doctor-claude-settings.js

@@ -0,0 +1,736 @@
+import fs from "node:fs/promises";
+import path from "node:path";
+
+const PROJECT_ONLY_IGNORED_SETTINGS = [
+  {
+    key: "autoMemoryDirectory",
+    kind: "ignored-project-setting",
+    message: "autoMemoryDirectory is not accepted in project settings; move it to user or local settings",
+  },
+  {
+    key: "autoMode",
+    kind: "ignored-project-setting",
+    message: "autoMode is not read from shared project settings; move it to user or local settings",
+  },
+  {
+    key: "useAutoModeDuringPlan",
+    kind: "ignored-project-setting",
+    message: "useAutoModeDuringPlan is not read from shared project settings; move it to user or local settings",
+  },
+  {
+    key: "sshConfigs",
+    kind: "ignored-project-setting",
+    message: "sshConfigs is only read from user or managed settings; remove it from shared project settings",
+  },
+  {
+    key: "teammateMode",
+    kind: "invalid-project-setting",
+    message: "teammateMode belongs in the global ~/.claude.json config, not project settings.json",
+  },
+];
+
+const MANAGED_ONLY_SETTINGS = [
+  "allowedChannelPlugins",
+  "allowedMcpServers",
+  "allowManagedHooksOnly",
+  "allowManagedMcpServersOnly",
+  "allowManagedPermissionRulesOnly",
+  "blockedMarketplaces",
+  "channelsEnabled",
+  "deniedMcpServers",
+  "forceRemoteSettingsRefresh",
+  "pluginTrustMessage",
+  "strictKnownMarketplaces",
+];
+
+const SHARED_SCRIPT_SETTINGS = [
+  {
+    key: "apiKeyHelper",
+    kind: "shared-script-setting",
+    message: "apiKeyHelper runs a local script from shared project settings",
+  },
+  {
+    key: "awsAuthRefresh",
+    kind: "shared-script-setting",
+    message: "awsAuthRefresh runs a local credential-refresh script from shared project settings",
+  },
+  {
+    key: "awsCredentialExport",
+    kind: "shared-script-setting",
+    message: "awsCredentialExport runs a local credential-export script from shared project settings",
+  },
+  {
+    key: "otelHeadersHelper",
+    kind: "shared-script-setting",
+    message: "otelHeadersHelper runs a local telemetry script from shared project settings",
+  },
+];
+
+const CURDX_FLOW_AGENT_TYPES = [
+  "flow-adversary",
+  "flow-architect",
+  "flow-brownfield-analyst",
+  "flow-debugger",
+  "flow-edge-hunter",
+  "flow-executor",
+  "flow-planner",
+  "flow-product-designer",
+  "flow-qa-engineer",
+  "flow-researcher",
+  "flow-reviewer",
+  "flow-security-auditor",
+  "flow-triage-analyst",
+  "flow-ui-researcher",
+  "flow-ux-designer",
+  "flow-verifier",
+];
+
+const CURDX_FLOW_REQUIRED_MODEL_ALIASES = ["sonnet", "opus"];
+const CURDX_FLOW_REQUIRED_TOOLS = [
+  "Agent",
+  "AskUserQuestion",
+  "Bash",
+  "Monitor",
+  "Read",
+  "Write",
+  "Edit",
+  "Grep",
+  "Glob",
+];
+const CURDX_FLOW_PLUGIN_ID = "curdx-flow@curdx-flow-marketplace";
+const CURDX_FLOW_REQUIRED_PLUGIN_IDS = ["context7-plugin@context7-marketplace"];
+const HTTP_HOOK_SETTINGS = ["allowedHttpHookUrls", "httpHookAllowedEnvVars"];
+const PERSISTED_EFFORT_LEVELS = ["low", "medium", "high", "xhigh"];
+const ENV_EFFORT_LEVELS = [...PERSISTED_EFFORT_LEVELS, "max", "auto"];
+
+function envFlagEnabled(value) {
+  if (value === true || value === 1) return true;
+  if (typeof value !== "string") return false;
+  return ["1", "true", "yes", "on"].includes(value.trim().toLowerCase());
+}
+
+function normalizedEnvValue(value) {
+  if (typeof value !== "string") return null;
+  const normalized = value.trim();
+  return normalized.length > 0 ? normalized : null;
+}
+
+function parsePermissionRule(rule) {
+  if (typeof rule !== "string") return null;
+  const match = rule.match(/^([A-Za-z][A-Za-z0-9]*)(?:\((.*)\))?$/);
+  if (!match) return null;
+  return {
+    tool: match[1],
+    matcher: match[2] ?? null,
+  };
+}
+
+function isBroadToolDeny(rule) {
+  const parsed = parsePermissionRule(rule);
+  if (!parsed || !CURDX_FLOW_REQUIRED_TOOLS.includes(parsed.tool)) return false;
+  return parsed.matcher === null || parsed.matcher === "*" || parsed.matcher === "**";
+}
+
+function isCurdxFlowAgentDeny(rule) {
+  const parsed = parsePermissionRule(rule);
+  if (!parsed || parsed.tool !== "Agent") return false;
+  if (parsed.matcher === null || parsed.matcher === "*" || parsed.matcher === "**") return true;
+  return CURDX_FLOW_AGENT_TYPES.some(
+    (agentType) => parsed.matcher === agentType || parsed.matcher === `curdx-flow:${agentType}`
+  );
+}
+
+function disabledPluginIdsFromSettings(enabledPlugins) {
+  if (!enabledPlugins || typeof enabledPlugins !== "object" || Array.isArray(enabledPlugins)) {
+    return [];
+  }
+
+  return Object.entries(enabledPlugins)
+    .filter(([, enabled]) => enabled === false)
+    .map(([pluginId]) => pluginId);
+}
+
+function isNonArrayObject(value) {
+  return value && typeof value === "object" && !Array.isArray(value);
+}
+
+function hasProjectBlockingSandboxPath(values) {
+  if (!Array.isArray(values)) return false;
+
+  return values.some((value) => {
+    if (typeof value !== "string") return false;
+    const token = value.trim().replace(/\/\*{1,2}$/, "").replace(/\/$/, "");
+    return [".", ".flow", "./.flow", ".git", "./.git"].includes(token);
+  });
+}
+
+function pushScopedWarning(target, kind, message, scope = "project") {
+  const warning = { kind, message };
+  if (scope !== "project") warning.scope = scope;
+  target.push(warning);
+}
+
+function auditLocalClaudeSettings(parsed, warnings) {
+  const scope = "local";
+  const permissions = parsed?.permissions && typeof parsed.permissions === "object"
+    ? parsed.permissions
+    : {};
+  const deny = Array.isArray(permissions.deny) ? permissions.deny : [];
+
+  if ("enabledPlugins" in parsed && (
+    !parsed.enabledPlugins ||
+    typeof parsed.enabledPlugins !== "object" ||
+    Array.isArray(parsed.enabledPlugins)
+  )) {
+    pushScopedWarning(
+      warnings,
+      "invalid-local-setting",
+      "enabledPlugins in settings.local.json must be an object keyed by plugin@marketplace id",
+      scope
+    );
+  }
+
+  const disabledPluginIds = disabledPluginIdsFromSettings(parsed.enabledPlugins);
+  if (disabledPluginIds.includes(CURDX_FLOW_PLUGIN_ID)) {
+    pushScopedWarning(
+      warnings,
+      "flow-runtime-blocker",
+      `settings.local.json disables CurDX-Flow for this machine: ${CURDX_FLOW_PLUGIN_ID}`,
+      scope
+    );
+  }
+
+  for (const pluginId of CURDX_FLOW_REQUIRED_PLUGIN_IDS) {
+    if (disabledPluginIds.includes(pluginId)) {
+      pushScopedWarning(
+        warnings,
+        "required-plugin-disabled",
+        `settings.local.json disables required CurDX-Flow companion plugin: ${pluginId}`,
+        scope
+      );
+    }
+  }
+
+  if (permissions.defaultMode === "bypassPermissions") {
+    pushScopedWarning(
+      warnings,
+      "bypass-default-mode",
+      'permissions.defaultMode in settings.local.json is "bypassPermissions"',
+      scope
+    );
+  }
+
+  if (permissions.defaultMode === "dontAsk") {
+    pushScopedWarning(
+      warnings,
+      "flow-runtime-blocker",
+      'permissions.defaultMode in settings.local.json is "dontAsk"; CurDX-Flow clarification and Agent dispatch prompts may be auto-denied',
+      scope
+    );
+  }
+
+  for (const rule of deny) {
+    if (isCurdxFlowAgentDeny(rule)) {
+      pushScopedWarning(
+        warnings,
+        "flow-runtime-blocker",
+        `settings.local.json deny rule blocks CurDX-Flow subagent dispatch: ${rule}`,
+        scope
+      );
+      continue;
+    }
+
+    if (isBroadToolDeny(rule)) {
+      pushScopedWarning(
+        warnings,
+        "flow-runtime-blocker",
+        `settings.local.json deny rule blocks a tool CurDX-Flow workflows require: ${rule}`,
+        scope
+      );
+    }
+  }
+
+  if (parsed.env && typeof parsed.env === "object" && !Array.isArray(parsed.env)) {
+    if (envFlagEnabled(parsed.env.CLAUDE_CODE_SIMPLE)) {
+      pushScopedWarning(
+        warnings,
+        "flow-runtime-blocker",
+        "settings.local.json env.CLAUDE_CODE_SIMPLE=1 enables bare/simple mode, disabling CurDX-Flow plugin, hook, skill, MCP, and CLAUDE.md discovery",
+        scope
+      );
+    }
+
+    if (envFlagEnabled(parsed.env.CLAUDE_CODE_SIMPLE_SYSTEM_PROMPT)) {
+      pushScopedWarning(
+        warnings,
+        "local-runtime-setting",
+        "settings.local.json env.CLAUDE_CODE_SIMPLE_SYSTEM_PROMPT=1 forces the minimal Claude system prompt for local sessions",
+        scope
+      );
+    }
+  }
+
+  if (parsed.disableAllHooks === true) {
+    pushScopedWarning(
+      warnings,
+      "flow-runtime-blocker",
+      "settings.local.json disableAllHooks disables CurDX-Flow stop/recovery hooks and plugin subagent status lines",
+      scope
+    );
+  }
+
+  if (parsed.disableSkillShellExecution === true) {
+    pushScopedWarning(
+      warnings,
+      "skill-shell-disabled",
+      "settings.local.json disableSkillShellExecution disables inline shell expansion in project/plugin skills and commands",
+      scope
+    );
+  }
+
+  if (Array.isArray(parsed.availableModels)) {
+    const missing = CURDX_FLOW_REQUIRED_MODEL_ALIASES.filter(
+      (modelAlias) => !parsed.availableModels.includes(modelAlias)
+    );
+    if (missing.length > 0) {
+      pushScopedWarning(
+        warnings,
+        "flow-runtime-blocker",
+        `settings.local.json availableModels excludes CurDX-Flow agent model aliases: ${missing.join(", ")}`,
+        scope
+      );
+    }
+  }
+
+  if ("agent" in parsed) {
+    if (typeof parsed.agent !== "string" || parsed.agent.trim().length === 0) {
+      pushScopedWarning(
+        warnings,
+        "invalid-local-setting",
+        "agent in settings.local.json must be a non-empty subagent name when set",
+        scope
+      );
+    } else {
+      pushScopedWarning(
+        warnings,
+        "flow-runtime-blocker",
+        `settings.local.json routes the main thread through subagent "${parsed.agent}", overriding CurDX-Flow prompt, tools, and model`,
+        scope
+      );
+    }
+  }
+
+  if ("sandbox" in parsed) {
+    if (!isNonArrayObject(parsed.sandbox)) {
+      pushScopedWarning(
+        warnings,
+        "invalid-local-setting",
+        "sandbox in settings.local.json must be an object when set",
+        scope
+      );
+    } else {
+      if (parsed.sandbox.failIfUnavailable === true) {
+        pushScopedWarning(
+          warnings,
+          "flow-runtime-blocker",
+          "settings.local.json sandbox.failIfUnavailable can prevent Claude Code startup on hosts where sandboxing is unavailable",
+          scope
+        );
+      }
+
+      const filesystem = isNonArrayObject(parsed.sandbox.filesystem)
+        ? parsed.sandbox.filesystem
+        : {};
+      if (hasProjectBlockingSandboxPath(filesystem.denyRead)) {
+        pushScopedWarning(
+          warnings,
+          "flow-runtime-blocker",
+          "settings.local.json sandbox.filesystem.denyRead blocks .flow/.git or the project root, which CurDX-Flow must inspect",
+          scope
+        );
+      }
+      if (hasProjectBlockingSandboxPath(filesystem.denyWrite)) {
+        pushScopedWarning(
+          warnings,
+          "flow-runtime-blocker",
+          "settings.local.json sandbox.filesystem.denyWrite blocks .flow/.git or the project root, which CurDX-Flow must update",
+          scope
+        );
+      }
+    }
+  }
+}
+
+export async function readProjectClaudeSettings(cwd = process.cwd()) {
+  const settingsPath = path.join(cwd, ".claude", "settings.json");
+  const localSettingsPath = path.join(cwd, ".claude", "settings.local.json");
+  const state = {
+    exists: false,
+    localExists: false,
+    invalid: false,
+    parseError: null,
+    warnings: [],
+    localInvalid: false,
+    localParseError: null,
+    localWarnings: [],
+  };
+
+  try {
+    const localStat = await fs.stat(localSettingsPath);
+    state.localExists = localStat.isFile();
+  } catch {
+    state.localExists = false;
+  }
+
+  let parsed;
+  try {
+    const stat = await fs.stat(settingsPath);
+    if (!stat.isFile()) {
+      parsed = null;
+    } else {
+      state.exists = true;
+      parsed = JSON.parse(await fs.readFile(settingsPath, "utf-8"));
+    }
+  } catch (error) {
+    if (error?.code !== "ENOENT") {
+      state.invalid = true;
+      state.parseError = error.message;
+      return state;
+    }
+  }
+
+  if (state.exists) {
+    const permissions = parsed?.permissions && typeof parsed.permissions === "object"
+      ? parsed.permissions
+      : {};
+    const allow = Array.isArray(permissions.allow) ? permissions.allow : [];
+    const deny = Array.isArray(permissions.deny) ? permissions.deny : [];
+
+    if ("enabledPlugins" in parsed && (
+      !parsed.enabledPlugins ||
+      typeof parsed.enabledPlugins !== "object" ||
+      Array.isArray(parsed.enabledPlugins)
+    )) {
+      pushScopedWarning(
+        state.warnings,
+        "invalid-project-setting",
+        "enabledPlugins must be an object keyed by plugin@marketplace id"
+      );
+    }
+
+    const disabledPluginIds = disabledPluginIdsFromSettings(parsed.enabledPlugins);
+    if (disabledPluginIds.includes(CURDX_FLOW_PLUGIN_ID)) {
+      state.warnings.push({
+        kind: "flow-runtime-blocker",
+        message: `enabledPlugins disables CurDX-Flow in this project: ${CURDX_FLOW_PLUGIN_ID}`,
+      });
+    }
+
+    for (const pluginId of CURDX_FLOW_REQUIRED_PLUGIN_IDS) {
+      if (disabledPluginIds.includes(pluginId)) {
+        state.warnings.push({
+          kind: "required-plugin-disabled",
+          message: `enabledPlugins disables required CurDX-Flow companion plugin: ${pluginId}`,
+        });
+      }
+    }
+
+    if (permissions.defaultMode === "bypassPermissions") {
+      state.warnings.push({
+        kind: "bypass-default-mode",
+        message: 'permissions.defaultMode is "bypassPermissions"',
+      });
+    }
+
+    if (permissions.defaultMode === "dontAsk") {
+      state.warnings.push({
+        kind: "flow-runtime-blocker",
+        message: 'permissions.defaultMode is "dontAsk"; CurDX-Flow clarification and Agent dispatch prompts may be auto-denied',
+      });
+    }
+
+    if (permissions.skipDangerousModePermissionPrompt === true) {
+      state.warnings.push({
+        kind: "ignored-project-setting",
+        message: "permissions.skipDangerousModePermissionPrompt is ignored in project settings; move it to user or local settings",
+      });
+    }
+
+    for (const rule of allow) {
+      if (rule === "Bash" || rule === "Bash(*)" || rule === "*" || rule === "Read(**)") {
+        state.warnings.push({
+          kind: "broad-allow-rule",
+          message: `overbroad allow rule: ${rule}`,
+        });
+      }
+    }
+
+    for (const rule of deny) {
+      if (isCurdxFlowAgentDeny(rule)) {
+        state.warnings.push({
+          kind: "flow-runtime-blocker",
+          message: `deny rule blocks CurDX-Flow subagent dispatch: ${rule}`,
+        });
+        continue;
+      }
+
+      if (isBroadToolDeny(rule)) {
+        state.warnings.push({
+          kind: "flow-runtime-blocker",
+          message: `deny rule blocks a tool CurDX-Flow workflows require: ${rule}`,
+        });
+      }
+    }
+
+    const sensitiveDenyPatterns = ["Read(./.env)", "Read(./.env.*)"];
+    for (const pattern of sensitiveDenyPatterns) {
+      if (!deny.includes(pattern)) {
+        state.warnings.push({
+          kind: "missing-sensitive-deny",
+          message: `missing recommended deny rule: ${pattern}`,
+        });
+      }
+    }
+
+    for (const setting of PROJECT_ONLY_IGNORED_SETTINGS) {
+      if (setting.key in parsed) {
+        state.warnings.push({
+          kind: setting.kind,
+          message: setting.message,
+        });
+      }
+    }
+
+    for (const key of MANAGED_ONLY_SETTINGS) {
+      if (key in parsed) {
+        state.warnings.push({
+          kind: "managed-only-setting",
+          message: `${key} only applies from managed settings; remove it from shared project settings`,
+        });
+      }
+    }
+
+    for (const setting of SHARED_SCRIPT_SETTINGS) {
+      if (setting.key in parsed) {
+        state.warnings.push({
+          kind: setting.kind,
+          message: setting.message,
+        });
+      }
+    }
+
+    if (parsed.fileSuggestion?.type === "command" && parsed.fileSuggestion.command) {
+      state.warnings.push({
+        kind: "shared-script-setting",
+        message: "fileSuggestion.command runs a local script from shared project settings",
+      });
+    }
+
+    if (parsed.statusLine?.type === "command" && parsed.statusLine.command) {
+      state.warnings.push({
+        kind: "shared-script-setting",
+        message: "statusLine.command runs a local script from shared project settings",
+      });
+    }
+
+    if (parsed.env && typeof parsed.env === "object" && !Array.isArray(parsed.env)) {
+      state.warnings.push({
+        kind: "shared-env-setting",
+        message: "env injects shared environment variables into every session; avoid machine-specific values or secrets",
+      });
+
+      if (envFlagEnabled(parsed.env.CLAUDE_CODE_SIMPLE)) {
+        state.warnings.push({
+          kind: "flow-runtime-blocker",
+          message: "env.CLAUDE_CODE_SIMPLE=1 enables bare/simple mode, disabling CurDX-Flow plugin, hook, skill, MCP, and CLAUDE.md discovery",
+        });
+      }
+
+      if (envFlagEnabled(parsed.env.CLAUDE_CODE_SIMPLE_SYSTEM_PROMPT)) {
+        state.warnings.push({
+          kind: "shared-env-setting",
+          message: "env.CLAUDE_CODE_SIMPLE_SYSTEM_PROMPT=1 forces the minimal Claude system prompt for every collaborator session",
+        });
+      }
+
+      const effortEnv = normalizedEnvValue(parsed.env.CLAUDE_CODE_EFFORT_LEVEL);
+      if (effortEnv && !ENV_EFFORT_LEVELS.includes(effortEnv)) {
+        state.warnings.push({
+          kind: "invalid-project-setting",
+          message: `env.CLAUDE_CODE_EFFORT_LEVEL must be one of ${ENV_EFFORT_LEVELS.join(", ")}`,
+        });
+      } else if (effortEnv === "low" || effortEnv === "medium") {
+        state.warnings.push({
+          kind: "low-effort-project-setting",
+          message: `env.CLAUDE_CODE_EFFORT_LEVEL=${effortEnv} lowers reasoning for every collaborator session`,
+        });
+      }
+
+      if ("CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS" in parsed.env) {
+        state.warnings.push({
+          kind: "shared-env-setting",
+          message: "env.CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS shares an experimental Claude runtime flag across this project",
+        });
+      }
+    }
+
+    if (parsed.disableAllHooks === true) {
+      state.warnings.push({
+        kind: "flow-runtime-blocker",
+        message: "disableAllHooks disables CurDX-Flow stop/recovery hooks and plugin subagent status lines",
+      });
+    }
+
+    if (parsed.disableSkillShellExecution === true) {
+      state.warnings.push({
+        kind: "skill-shell-disabled",
+        message: "disableSkillShellExecution disables inline shell expansion in project/plugin skills and commands",
+      });
+    }
+
+    for (const key of HTTP_HOOK_SETTINGS) {
+      if (!(key in parsed)) continue;
+      if (!Array.isArray(parsed[key])) {
+        state.warnings.push({
+          kind: "invalid-project-setting",
+          message: `${key} must be an array when set in settings.json`,
+        });
+        continue;
+      }
+      if (parsed[key].length === 0) {
+        state.warnings.push({
+          kind: "shared-hook-policy",
+          message: `${key} is an empty allowlist; matching HTTP hook behavior is blocked`,
+        });
+      }
+    }
+
+    if (Array.isArray(parsed.availableModels)) {
+      const missing = CURDX_FLOW_REQUIRED_MODEL_ALIASES.filter(
+        (modelAlias) => !parsed.availableModels.includes(modelAlias)
+      );
+      if (missing.length > 0) {
+        state.warnings.push({
+          kind: "flow-runtime-blocker",
+          message: `availableModels excludes CurDX-Flow agent model aliases: ${missing.join(", ")}`,
+        });
+      }
+    }
+
+    if ("agent" in parsed) {
+      if (typeof parsed.agent !== "string" || parsed.agent.trim().length === 0) {
+        state.warnings.push({
+          kind: "invalid-project-setting",
+          message: "agent must be a non-empty subagent name when set in settings.json",
+        });
+      } else {
+        state.warnings.push({
+          kind: "flow-runtime-blocker",
+          message: `agent routes the main thread through subagent "${parsed.agent}", overriding CurDX-Flow prompt, tools, and model`,
+        });
+      }
+    }
+
+    if ("effortLevel" in parsed) {
+      if (parsed.effortLevel === "max") {
+        state.warnings.push({
+          kind: "invalid-project-setting",
+          message:
+            "effortLevel in settings.json only supports low, medium, high, or xhigh; use /effort max or CLAUDE_CODE_EFFORT_LEVEL for session-only max",
+        });
+      } else if (!PERSISTED_EFFORT_LEVELS.includes(parsed.effortLevel)) {
+        state.warnings.push({
+          kind: "invalid-project-setting",
+          message:
+            "effortLevel in settings.json must be one of low, medium, high, or xhigh",
+        });
+      } else if (parsed.effortLevel === "low" || parsed.effortLevel === "medium") {
+        state.warnings.push({
+          kind: "low-effort-project-setting",
+          message: `effortLevel ${parsed.effortLevel} is shared at project scope; CurDX-Flow planning/review turns may need higher reasoning`,
+        });
+      }
+    }
+
+    if ("sandbox" in parsed) {
+      if (!isNonArrayObject(parsed.sandbox)) {
+        state.warnings.push({
+          kind: "invalid-project-setting",
+          message: "sandbox must be an object when set in settings.json",
+        });
+      } else {
+        if (parsed.sandbox.failIfUnavailable === true) {
+          state.warnings.push({
+            kind: "flow-runtime-blocker",
+            message: "sandbox.failIfUnavailable can prevent Claude Code startup on hosts where sandboxing is unavailable",
+          });
+        }
+        if (parsed.sandbox.allowUnsandboxedCommands === false) {
+          state.warnings.push({
+            kind: "shared-sandbox-policy",
+            message: "sandbox.allowUnsandboxedCommands=false disables the unsandboxed Bash escape hatch for this project",
+          });
+        }
+
+        const filesystem = isNonArrayObject(parsed.sandbox.filesystem)
+          ? parsed.sandbox.filesystem
+          : {};
+        if (hasProjectBlockingSandboxPath(filesystem.denyRead)) {
+          state.warnings.push({
+            kind: "flow-runtime-blocker",
+            message: "sandbox.filesystem.denyRead blocks .flow/.git or the project root, which CurDX-Flow must inspect",
+          });
+        }
+        if (hasProjectBlockingSandboxPath(filesystem.denyWrite)) {
+          state.warnings.push({
+            kind: "flow-runtime-blocker",
+            message: "sandbox.filesystem.denyWrite blocks .flow/.git or the project root, which CurDX-Flow must update",
+          });
+        }
+
+        const network = isNonArrayObject(parsed.sandbox.network)
+          ? parsed.sandbox.network
+          : {};
+        if (Array.isArray(network.allowedDomains) && network.allowedDomains.length === 0) {
+          state.warnings.push({
+            kind: "shared-sandbox-policy",
+            message: "sandbox.network.allowedDomains is empty; sandboxed commands have no outbound network access",
+          });
+        }
+      }
+    }
+
+    if (parsed.enableAllProjectMcpServers === true) {
+      state.warnings.push({
+        kind: "shared-mcp-auto-approve",
+        message: "enableAllProjectMcpServers auto-approves every project MCP server",
+      });
+    }
+
+    if (Array.isArray(parsed.enabledMcpjsonServers) && parsed.enabledMcpjsonServers.length > 0) {
+      state.warnings.push({
+        kind: "shared-mcp-auto-approve",
+        message: `enabledMcpjsonServers auto-approves project MCP servers: ${parsed.enabledMcpjsonServers.join(", ")}`,
+      });
+    }
+
+    if ("includeCoAuthoredBy" in parsed) {
+      state.warnings.push({
+        kind: "deprecated-setting",
+        message: "includeCoAuthoredBy is deprecated; migrate to attribution",
+      });
+    }
+  }
+
+  if (state.localExists) {
+    try {
+      const localParsed = JSON.parse(await fs.readFile(localSettingsPath, "utf-8"));
+      auditLocalClaudeSettings(localParsed, state.localWarnings);
+    } catch (error) {
+      state.localInvalid = true;
+      state.localParseError = error?.message || String(error);
+    }
+  }
+
+  return state;
+}