CalvinBackup/gstack
1
0
Fork 0
mirror of https://github.com/garrytan/gstack.git synced 2026-06-19 00:00:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
c88825dba0a2fcddf91a431bbefa70e1af5f00df
gstack/guard/SKILL.md
T
Garry Tan 0d68ef1a39 feat(catalog): T4 — catalog trim + proactive-suggestions.json (Phase A.4) 
Shortens frontmatter `description:` in every Claude SKILL.md to a single
lead sentence + (gstack) tag. The routing prose ("Use when asked to...",
"Proactively suggest...") and voice triggers move to a "## When to invoke"
body section so they remain discoverable inside the skill. A per-run
registry at scripts/proactive-suggestions.json aggregates the routing/
voice text for all 52 skills so agents can pull guidance on demand
without paying for it in the always-loaded catalog.

Build flag --catalog-mode=full restores v1.44 legacy behavior (full
multi-line descriptions in frontmatter). Default is trim.

splitCatalogDescription() extracts: lead sentence, routing paragraphs,
voice-triggers line, (gstack) tag presence. Short descriptions (<120
chars, already trimmed) are skipped via a guard so re-runs are idempotent.

Measured impact (vs v1.44.1 baseline):
- Catalog tokens (sum of description bytes / 4): 9,319 → 4,045  (-56.6%)
- Total SKILL.md corpus bytes:                   2,915 KB → 2,880 KB (-1.2%)
- Routing prose preserved as in-skill "## When to invoke" sections
- 52 skill entries in scripts/proactive-suggestions.json (on-demand registry)

The corpus drop is small because catalog trim MOVES text from frontmatter
to body, it doesn't delete it. The headline win is the catalog: the
always-loaded system prompt surface drops by more than half.

Test plan:
- bun test test/gen-skill-docs.test.ts: 389 pass, 0 fail
- Manual: ship/SKILL.md frontmatter description is now ONE line ending
  with `(gstack)`; allowed-tools field on next line (YAML well-formed)
- Manual: scripts/proactive-suggestions.json contains 52 entries
- bun run gen:skill-docs --catalog-mode=full restores legacy behavior

53 files changed (52 SKILL.md across hosts + the new proactive-suggestions.json).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-25 20:35:21 -07:00

3.2 KiB
Raw Blame History

name: guard version: 0.1.0 description: Full safety mode: destructive command warnings + directory-scoped edits. (gstack) triggers:

  • full safety mode
  • guard against mistakes
  • maximum safety allowed-tools:
  • Bash
  • Read
  • AskUserQuestion hooks: PreToolUse:
    • matcher: "Bash" hooks:
      • type: command command: "bash ${CLAUDE_SKILL_DIR}/../careful/bin/check-careful.sh" statusMessage: "Checking for destructive commands..."
    • matcher: "Edit" hooks:
      • type: command command: "bash ${CLAUDE_SKILL_DIR}/../freeze/bin/check-freeze.sh" statusMessage: "Checking freeze boundary..."
    • matcher: "Write" hooks:
      • type: command command: "bash ${CLAUDE_SKILL_DIR}/../freeze/bin/check-freeze.sh" statusMessage: "Checking freeze boundary..."

When to invoke this skill

Combines /careful (warns before rm -rf, DROP TABLE, force-push, etc.) with /freeze (blocks edits outside a specified directory). Use for maximum safety when touching prod or debugging live systems. Use when asked to "guard mode", "full safety", "lock it down", or "maximum safety".

/guard — Full Safety Mode

Activates both destructive command warnings and directory-scoped edit restrictions. This is the combination of /careful + /freeze in a single command.

Dependency note: This skill references hook scripts from the sibling /careful and /freeze skill directories. Both must be installed (they are installed together by the gstack setup script).

mkdir -p ~/.gstack/analytics
echo '{"skill":"guard","ts":"'$(date -u +%Y-%m-%dT%H:%M:%SZ)'","repo":"'$(basename "$(git rev-parse --show-toplevel 2>/dev/null)" 2>/dev/null || echo "unknown")'"}'  >> ~/.gstack/analytics/skill-usage.jsonl 2>/dev/null || true

Setup

Ask the user which directory to restrict edits to. Use AskUserQuestion:

  • Question: "Guard mode: which directory should edits be restricted to? Destructive command warnings are always on. Files outside the chosen path will be blocked from editing."
  • Text input (not multiple choice) — the user types a path.

Once the user provides a directory path:

  1. Resolve it to an absolute path:
FREEZE_DIR=$(cd "<user-provided-path>" 2>/dev/null && pwd)
echo "$FREEZE_DIR"
  1. Ensure trailing slash and save to the freeze state file:
FREEZE_DIR="${FREEZE_DIR%/}/"
eval "$(~/.claude/skills/gstack/bin/gstack-paths)"
STATE_DIR="$GSTACK_STATE_ROOT"
mkdir -p "$STATE_DIR"
echo "$FREEZE_DIR" > "$STATE_DIR/freeze-dir.txt"
echo "Freeze boundary set: $FREEZE_DIR"

Tell the user:

  • "Guard mode active. Two protections are now running:"
  • "1. Destructive command warnings — rm -rf, DROP TABLE, force-push, etc. will warn before executing (you can override)"
  • "2. Edit boundary — file edits restricted to <path>/. Edits outside this directory are blocked."
  • "To remove the edit boundary, run /unfreeze. To deactivate everything, end the session."

What's protected

See /careful for the full list of destructive command patterns and safe exceptions. See /freeze for how edit boundary enforcement works.

Reference in New Issue View Git Blame Copy Permalink