diff --git a/action.yml b/action.yml
index bb573a3..802e775 100644
--- a/action.yml
+++ b/action.yml
@@ -63,7 +63,7 @@ inputs:
 required: false
 default: ""
 setting_sources:
- description: "Comma-separated list of setting sources to load (user, project, local). When unset, the action applies 'user,project,local' at runtime — project settings are safe here because .claude/ is restored from the PR base branch before execution. Set to 'user' to ignore in-repo settings entirely."
+ description: "Comma-separated list of setting sources to load (user, project, local). When unset, the action applies 'user,project,local' at runtime for PR contexts where .claude/ is restored from the base branch; for other contexts it applies the same event-gated default as base-action. Set to 'user' to ignore in-repo settings entirely."
 required: false
 default: ""
diff --git a/src/entrypoints/run.ts b/src/entrypoints/run.ts
index 1bf674c..5a61308 100644
--- a/src/entrypoints/run.ts
+++ b/src/entrypoints/run.ts
@@ -241,6 +241,7 @@ async function run() {
 // lacks base.ref, so we fall back to the mode-provided value — tag mode
 // fetches it from GraphQL; agent mode on issue_comment is an edge case
 // that at worst restores from the wrong trusted branch (still secure).
+ let configRestoredFromBase = false;
 if (isEntityContext(context) && context.isPR) {
 let restoreBase = baseBranch;
 if (
@@ -253,6 +254,7 @@ async function run() {
 }
 if (restoreBase) {
 restoreConfigFromBase(restoreBase);
+ configRestoredFromBase = true;
 }
 }
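Review bot: `configRestoredFromBase = true` in the `@@ -253` hunk records that `restoreConfigFromBase(restoreBase)` was called, not that the restore succeeded; the flag is declared in the `@@ -241` hunk and later decides whether project/local settings are treated as trusted. If `restoreConfigFromBase` can return normally without having replaced the in-repo config (its body is not visible here), the PR's own copy would still be loaded under the trusted default. Consider having it return a success boolean and assigning `configRestoredFromBase = restoreConfigFromBase(restoreBase);`, or add a comment stating that it throws on any failure. The `run()` body starts and ends outside both hunks.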
@@ -279,7 +281,12 @@ async function run() {
 pathToClaudeCodeExecutable: claudeExecutable,
 showFullOutput: process.env.INPUT_SHOW_FULL_OUTPUT,
 settingSources: process.env.INPUT_SETTING_SOURCES,
- defaultSettingSources: ["user", "project", "local"],
+ // Only assert that project/local config is safe to load when it was actually
+ // restored from the base branch above. Otherwise leave undefined so
+ // parseSdkOptions applies its event-gated default.
+ defaultSettingSources: configRestoredFromBase
+ ? ["user", "project", "local"]
+ : undefined,
 });
 claudeSuccess = claudeResult.conclusion === "success";
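Review bot: The gate covers only `defaultSettingSources`; `settingSources: process.env.INPUT_SETTING_SOURCES` is still passed through unchanged, so a workflow that sets `setting_sources` to include `project` or `local` presumably keeps loading in-repo settings even when `configRestoredFromBase` is false. That may be the intended explicit opt-in, but it deserves a warning in that case, e.g. `if (!configRestoredFromBase && /\b(project|local)\b/.test(process.env.INPUT_SETTING_SOURCES ?? "")) console.warn("setting_sources loads project/local settings that were not restored from the base branch");`. A test pinning that a non-restored context passes `defaultSettingSources: undefined` would keep this default from regressing. The enclosing call and `run()` begin outside the hunk.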