Scenario anchor
You are the lead architect in an 800-developer org at Aaranya IT BFSI. A junior
dev accidentally exposed the production database's connection string through
Claude Code, because nobody had configured enterprise-level permissions in
settings.json. Today we look at exactly how the settings.json config cascade
works, from the user level to the project level, and how to enforce trust
boundaries for MCP servers so that an incident like this does not happen again.
Key Takeaways
settings.json enforces a three-tier config cascade — enterprise → user → project — where higher tiers can lock directives that lower tiers cannot override, analogous to policy inheritance in a service mesh control plane.
Hooks are lifecycle-interception points (pre-tool, post-tool, pre-compact) declared in settings.json; they let teams inject audit logging, secret-scanning, or approval gates without modifying Claude's core behaviour.
Each MCP server entry in settings.json carries its own explicit permission grant; there is no implicit privilege inheritance from the invoking user — treat each server as a distinct OAuth client with its own scope declaration.
Memory anchor: settings.json is your config-cascade — enterprise locks at the top, MCP servers get scoped grants, hooks intercept the pipeline — same mental model as a service mesh with per-route policy and sidecar interception.
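A simplified model of the cascade rule stated in the takeaways, added here as an example; it is not Claude Code's own merge logic. It assumes that a "lock" is expressed as a deny entry in the permissions block, that a deny at a higher tier beats an allow at any lower tier, and that the three settings blocks are constructed samples reproducing the scenario above (a project tier trying to re-open what the enterprise tier locked).

```python
"""Simplified model of the settings.json permission cascade (added example).

Models the page's rule: enterprise > user > project, where a higher tier can
lock a directive that a lower tier cannot re-enable. A lock is a deny entry.
Rule strings use the permissions.allow / permissions.deny shape found in
settings.json; all three sample blocks are constructed for this example.
"""
from fnmatch import fnmatchcase

# Tiers in precedence order, highest first, as the page describes them.
TIERS = ("enterprise", "user", "project")

# Constructed sample settings, one per tier (permissions block only).
ENTERPRISE = {"permissions": {"deny": ["Read(.env)", "Read(.env.*)", "Bash(curl:*)"]}}
USER = {"permissions": {"allow": ["Bash(git:*)"], "deny": ["Bash(rm:*)"]}}
# The project tier tries to re-open exactly what the higher tiers locked.
PROJECT = {"permissions": {"allow": ["Read(.env)", "Bash(curl:*)", "Bash(rm:*)"]}}


def resolve(request: str, enterprise: dict, user: dict, project: dict) -> tuple[str, str]:
    """Decide one tool request against the cascade.

    Returns (decision, tier): decision is 'deny', 'allow' or 'ask'; tier names
    the level whose rule decided it. Deny rules are checked across all tiers
    first (highest tier first), so a lower tier's allow never overrides a
    higher tier's lock; allow rules are then checked in the same order.
    """
    cascade = list(zip(TIERS, (enterprise, user, project)))
    for kind in ("deny", "allow"):
        for tier, cfg in cascade:
            rules = cfg.get("permissions", {}).get(kind, [])
            if any(fnmatchcase(request, rule) for rule in rules):
                return kind, tier
    return "ask", "none"


def audit(requests: list[str]) -> list[str]:
    """One audit line per request, naming the tier that decided it."""
    lines = []
    for req in requests:
        decision, tier = resolve(req, ENTERPRISE, USER, PROJECT)
        lines.append(f"{req}: {decision} ({tier})")
    return lines


if __name__ == "__main__":
    # The scenario's incident: the project-level allow on .env is locked out
    # by the enterprise deny, so the connection string is never read.
    for line in audit(["Read(.env)", "Bash(curl:https://example.invalid)",
                       "Bash(rm:-rf node_modules)", "Bash(git:status)", "Bash(ls:-la)"]):
        print(line)
```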