Slash Command

/setup

Apply Casper security settings to your Claude Code configuration

Install

Run in your terminal

npx claudepluginhub casper-studios/casper-marketplace --plugin casper

Command Content

Other plugins with /setup

/setup

Initializes or resumes project setup via interactive Q&A, creating conductor/ artifacts for product definition, guidelines, tech stack, workflow, and style guides.

conductor

32.9k

/setup

Detects ghost Claude plugin installations by checking cache, registry, and temp files on macOS/Linux/Windows; cleans up on user confirmation.

BashReadEdit+1

claude-hud

16.8k

/setup

Checks local Codex CLI readiness, prompts to install if unavailable via npm, and optionally toggles stop-time review gate.

Bash(node:*)Bash(npm:*)AskUserQuestion

codex

11.4k

/setup

Guides enterprise admins through Claude Office add-in setup for Vertex AI, Bedrock, or custom gateway; provisions credentials and generates deployable manifest.xml.

claude-in-office

7.3k

/setup

Configures claude-hud as Claude Code statusline by providing ~/.claude/settings.json config, build instructions, manual setup, and troubleshooting steps.

claude-hud

2.7k

/setup

commands/

Runs interactive setup wizard: detects AI providers (Codex, Gemini, Ollama, etc.), RTK token optimizer, system tools; displays status table; offers to install/configure missing items.

BashReadGlob+2

octo

2.3k

Stats

Parent Repo Stars9

Parent Repo Forks2

Last CommitJan 27, 2026

Actions

View Source View Plugin View on GitHub View README

Casper Setup

Read the settings template at ${CLAUDE_PLUGIN_ROOT}/settings-template.json.

Then apply these settings to the user's .claude/settings.json:

If .claude/settings.json doesn't exist, create it with the template contents

If it exists, MERGE the settings (don't overwrite existing user settings):

Add any deny rules from the template that aren't already present
Add any allow rules from the template that aren't already present
Set env vars for telemetry if not already set

After applying, confirm what was added and remind the user to restart Claude Code for the changes to take effect.

Security Settings Applied

The setup applies the following protections:

Denied File Reads

.env, .env.*, .env.local, .env.production

**/secrets/**, **/.secrets/**

**/*credentials*

Allowed Commands (Pre-approved Operations)

Casper skills: casper:setup, casper:company, casper:projects, casper:transcripts

npm run:*, npm test:*, npm install:*

git status:*, git diff:*, git log:*, git add:*, git commit:*

Hook-Based Protections

The bash validator hook blocks catastrophic commands:

rm -rf / and similar system-destroying patterns

curl | bash (remote code execution)

dd to block devices (disk destruction)

Fork bombs

Environment Variables

DISABLE_TELEMETRY=1

DISABLE_ERROR_REPORTING=1

Casper Setup

Read the settings template at ${CLAUDE_PLUGIN_ROOT}/settings-template.json.

Then apply these settings to the user's .claude/settings.json:

If .claude/settings.json doesn't exist, create it with the template contents
If it exists, MERGE the settings (don't overwrite existing user settings):
- Add any deny rules from the template that aren't already present
- Add any allow rules from the template that aren't already present
- Set env vars for telemetry if not already set

After applying, confirm what was added and remind the user to restart Claude Code for the changes to take effect.

Security Settings Applied

The setup applies the following protections:

Denied File Reads

.env, .env.*, .env.local, .env.production
**/secrets/**, **/.secrets/**
**/*credentials*

Allowed Commands (Pre-approved Operations)

Casper skills: casper:setup, casper:company, casper:projects, casper:transcripts
npm run:*, npm test:*, npm install:*
git status:*, git diff:*, git log:*, git add:*, git commit:*

Hook-Based Protections

The bash validator hook blocks catastrophic commands:

rm -rf / and similar system-destroying patterns
curl | bash (remote code execution)
dd to block devices (disk destruction)
Fork bombs

Environment Variables

DISABLE_TELEMETRY=1
DISABLE_ERROR_REPORTING=1

Philosophy

This plugin focuses on preventing irreversible, catastrophic operations rather than trying to block everything potentially dangerous. Denylists are inherently bypassable - these rules are a safety net, not a security boundary.