settings-dangerous¶
Flags settings keys that execute arbitrary commands (apiKeyHelper, awsAuthRefresh, awsCredentialExport, gcpAuthRefresh, otelHeadersHelper) and dangerous env vars (LD_PRELOAD, NODE_OPTIONS, proxy settings, GIT_SSH_COMMAND, etc.)
| Severity | error (auto) |
| Autofix | - |
| Since | v0.12.0 |
| Category | Settings |
Why¶
Project-scoped settings.json files can set keys that execute shell
commands (apiKeyHelper, awsAuthRefresh) or environment variables
that hijack process behavior (LD_PRELOAD, NODE_OPTIONS,
GIT_SSH_COMMAND). A malicious repository can use these to run
arbitrary code when a contributor opens it.
Examples¶
Bad:
Good (no command-execution keys or dangerous env vars):
When not to flag¶
Legitimate uses of command-execution keys exist (e.g., 1Password CLI
for secrets). The rule flags the key regardless of its value, so a
benign apiKeyHelper like op read 'op://Vault/API Key/credential'
is still reported — after reviewing the command, permit it explicitly
via the rule's allowlist:
How to fix¶
Review the flagged setting. If it is a legitimate command, add it to
the rule's allowlist. If it is unexpected, remove it — it may
indicate a supply-chain compromise. Environment variables like
LD_PRELOAD and proxy settings should almost never appear in
project-scoped settings.
Configuration¶
| Parameter | Description | Default |
|---|---|---|
allow_command_exec_keys |
Command-execution keys to permit (e.g. apiKeyHelper) | [] |
allow_env_vars |
Dangerous env var names to permit | [] |
Run skillsaw explain settings-dangerous to see this documentation and the rule's effective configuration in your terminal.