GreyC · GreyC · Mar 13, 2026 · Mar 13, 2026 · Mar 13, 2026 · gemini-code-assist
diff --git a/packages/cli/src/index.ts b/packages/cli/src/index.ts
@@ -75,12 +75,10 @@ program
       await JulesClient.validateKey(apiKey);
 
       const configDir = path.join(os.homedir(), '.config', 'jules');
-      if (!fs.existsSync(configDir)) {
-        fs.mkdirSync(configDir, { recursive: true });
-      }
+      await fs.promises.mkdir(configDir, { recursive: true });
-      await fs.promises.mkdir(configDir, { recursive: true });
+      await fs.promises.mkdir(configDir, { recursive: true, mode: 0o700 });
-      await fs.promises.mkdir(configDir, { recursive: true });
+      await fs.promises.mkdir(configDir, { recursive: true, mode: 0o700 });
 
       const configPath = path.join(configDir, 'config.json');
-      fs.writeFileSync(configPath, JSON.stringify({ apiKey }, null, 2));
+      await fs.promises.writeFile(configPath, JSON.stringify({ apiKey }, null, 2));
-      await fs.promises.writeFile(configPath, JSON.stringify({ apiKey }, null, 2));
+      await fs.promises.writeFile(configPath, JSON.stringify({ apiKey }, null, 2), { mode: 0o600 });
-      await fs.promises.writeFile(configPath, JSON.stringify({ apiKey }, null, 2));
+      await fs.promises.writeFile(configPath, JSON.stringify({ apiKey }, null, 2), { mode: 0o600 });
 
       console.log('Setup complete. API key saved to ~/.config/jules/config.json');
     } catch (error: any) {