CalvinBackup/gstack
1
0
Fork 0
mirror of https://github.com/garrytan/gstack.git synced 2026-05-06 21:46:40 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
ebf6c60e4e6ec2eade1db3acdd6fcdc0adbd90e6
gstack/careful/SKILL.md
T
Garry Tan 533fdca1f2 feat: add /careful, /freeze, /guard, /unfreeze safety hook skills 
Four new on-demand skills using Claude Code's PreToolUse hooks:
- /careful: warns before destructive commands (rm -rf, DROP TABLE, force-push, etc.)
- /freeze: blocks file edits outside a specified directory
- /guard: composes both into one command
- /unfreeze: clears freeze boundary without ending session

Pure bash hook scripts with Python fallback for JSON edge cases.
Safe exceptions for build artifacts (node_modules, dist, .next, etc.).
Hook fire telemetry logs pattern name only (never command content).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 11:05:18 -07:00

2.4 KiB
Raw Blame History

name, version, description, allowed-tools, hooks
name version description allowed-tools hooks
careful 0.1.0 Safety guardrails for destructive commands. Warns before rm -rf, DROP TABLE, force-push, git reset --hard, kubectl delete, and similar destructive operations. User can override each warning. Use when touching prod, debugging live systems, or working in a shared environment. Use when asked to "be careful", "safety mode", "prod mode", or "careful mode".
Bash
Read
PreToolUse
matcher hooks
Bash
type command statusMessage
command bash ${CLAUDE_SKILL_DIR}/bin/check-careful.sh Checking for destructive commands...

/careful — Destructive Command Guardrails

Safety mode is now active. Every bash command will be checked for destructive patterns before running. If a destructive command is detected, you'll be warned and can choose to proceed or cancel.

mkdir -p ~/.gstack/analytics
echo '{"skill":"careful","ts":"'$(date -u +%Y-%m-%dT%H:%M:%SZ)'","repo":"'$(basename "$(git rev-parse --show-toplevel 2>/dev/null)" 2>/dev/null || echo "unknown")'"}'  >> ~/.gstack/analytics/skill-usage.jsonl 2>/dev/null || true

What's protected

Pattern Example Risk
rm -rf / rm -r / rm --recursive rm -rf /var/data Recursive delete
DROP TABLE / DROP DATABASE DROP TABLE users; Data loss
TRUNCATE TRUNCATE orders; Data loss
git push --force / -f git push -f origin main History rewrite
git reset --hard git reset --hard HEAD~3 Uncommitted work loss
git checkout . / git restore . git checkout . Uncommitted work loss
kubectl delete kubectl delete pod Production impact
docker rm -f / docker system prune docker system prune -a Container/image loss

Safe exceptions

These patterns are allowed without warning:

  • rm -rf node_modules / .next / dist / __pycache__ / .cache / build / .turbo / coverage

How it works

The hook reads the command from the tool input JSON, checks it against the patterns above, and returns permissionDecision: "ask" with a warning message if a match is found. You can always override the warning and proceed.

To deactivate, end the conversation or start a new one. Hooks are session-scoped.

Reference in New Issue View Git Blame Copy Permalink