Settings should stay focused on account control, security, workspace identity, and preferences.
Account details
Settings shows the signed-in user account and account actions. It should avoid duplicate navigation links already present in the sidebar or account menu.
Security
Users should keep login access private, rotate exposed API keys, and avoid sharing screenshots that include tokens, keys, project secrets, or private files.
Use server-side API keys
Delete unused keys
Keep project files private
Review account sessions when available
Workspace preferences
User choices such as the default project should persist quietly in the background so the next session feels continuous.