Claude Code Policy Builder
Configure, preview, and export a managed Claude Code policy your whole team can install.
Fine-grained tool access rules and permission modes.
Prevents --dangerously-skip-permissions and bypassPermissions mode.
Block specific tools or file paths. Format: Tool or Tool(specifier).
Control which MCP servers users may configure and use.
Users can still configure MCP servers, but only the admin-defined allowlist below is honored.
Restrict users to only these servers. Leave empty to allow all.
Explicitly blocked servers are denied regardless of the allowlist. Match by name, URL pattern, or command.
Automatically approve all MCP servers defined in project .mcp.json files without prompting users. Leave off to require explicit approval (the default).
Default model, allowlists, fallback chains, model overrides, and reasoning effort.
Allowlist of selectable models. Leave empty for no restriction. Pick aliases or models, or type a custom name.
When on, the Default model picker option cannot resolve to a model outside the allowlist above.
Tried in order when the primary model is unavailable. Up to three.
Map Anthropic model IDs to provider-specific IDs for Bedrock, Vertex AI, or Foundry. Left = Anthropic model ID, right = provider ID.
Lifecycle automation hooks and HTTP hook URL restrictions.
Only managed hooks defined here are loaded.
Disables all hooks and any custom status line configuration.
Plugin marketplaces and customization lockdown.
Block skills, agents, hooks, and MCP servers from user/project sources.
Session cleanup, language, view mode, TUI, thinking toggles, and agent controls.
Turn on extended thinking by default for every session.
Show full extended-thinking summaries when expanded instead of redacted blocks.
Adds built-in commit/PR workflow instructions and a git status snapshot to the system prompt.
Turns off background agents and the agent view UI, including claude agents, --bg, and /background.
Blocks inline shell blocks in skills and custom commands from user, project, and plugin sources.
Git commit and pull request attribution messages and PR URL templates.
Adds a co-authored-by Claude trailer to git commits and pull requests.
Login method restrictions, API key helpers, organization UUIDs, and GCP auth refresh.
Startup messages displayed to users when Claude Code launches.
Displayed to users at startup.
Terminal UI, notifications, spinner behavior, and display preferences.
Show tips in the spinner while Claude is working.
Show only custom spinner tips instead of built-in defaults. Also suppresses time-based spinner tips.
Exclude .gitignore'd files from @ file picker suggestions.
Reduce animations and motion effects in the UI.
Disable syntax highlighting in diffs, code blocks, and file previews.
Auto-scroll the conversation in fullscreen mode.
Show turn duration messages after responses (e.g. "Cooked for 1m 6s").
Show the terminal progress bar in supported terminals such as iTerm2, Ghostty, and ConEmu.
When enabled, use OS scroll acceleration in fullscreen mode. Turn off for fixed per-tick scroll steps.
Bash command sandboxing for safer tool execution.
Run bash commands inside an isolated sandbox environment.
Automatically approve bash commands when they run inside the sandbox.
When disabled, all commands must run sandboxed or be listed in excluded commands.
Exit with error instead of running unsandboxed when sandbox cannot start.
Credential refresh scripts for AWS and OpenTelemetry.
AWS settings
OpenTelemetry
Environment variables applied to every Claude Code session via the env field.
Set via the env object in settings.json. Common keys include ANTHROPIC_API_KEY, NODE_ENV, and provider flags.
Your agents are already in the wild.
Give them a Basecamp. Go from AI chaos to AI work, in minutes.
