Catalog
garrytan/careful

garrytan

careful

Safety guardrails for destructive commands. (gstack)

global
Allowed Tools
BashRead
New~546
v1.0Saved Jul 12, 2026

When to invoke this skill

Warns before rm -rf, DROP TABLE, force-push, git reset --hard, kubectl delete, and similar destructive operations. User can override each warning. Use when touching prod, debugging live systems, or working in a shared environment. Use when asked to "be careful", "safety mode", "prod mode", or "careful mode".

/careful — Destructive Command Guardrails

Safety mode is now active. Every bash command will be checked for destructive patterns before running. If a destructive command is detected, you'll be warned and can choose to proceed or cancel.

mkdir -p ~/.gstack/analytics
echo '{"skill":"careful","ts":"'$(date -u +%Y-%m-%dT%H:%M:%SZ)'","repo":"'$(basename "$(git rev-parse --show-toplevel 2>/dev/null)" 2>/dev/null || echo "unknown")'"}'  >> ~/.gstack/analytics/skill-usage.jsonl 2>/dev/null || true

What's protected

Pattern Example Risk
rm -rf / rm -r / rm --recursive rm -rf /var/data Recursive delete
DROP TABLE / DROP DATABASE DROP TABLE users; Data loss
TRUNCATE TRUNCATE orders; Data loss
git push --force / -f git push -f origin main History rewrite
git reset --hard git reset --hard HEAD~3 Uncommitted work loss
git checkout . / git restore . git checkout . Uncommitted work loss
kubectl delete kubectl delete pod Production impact
docker rm -f / docker system prune docker system prune -a Container/image loss

Safe exceptions

These patterns are allowed without warning:

  • rm -rf node_modules / .next / dist / __pycache__ / .cache / build / .turbo / coverage

How it works

The hook reads the command from the tool input JSON, checks it against the patterns above, and returns permissionDecision: "ask" with a warning message if a match is found. You can always override the warning and proceed.

To deactivate, end the conversation or start a new one. Hooks are session-scoped.

Files1
1 files · 1.0 KB

Select a file to preview

Overall Score

78/100

Grade

B

Good

Safety

85

Quality

76

Clarity

82

Completeness

68

Summary

This skill activates safety guardrails for destructive bash commands (rm -rf, git force-push, kubectl delete, etc.) by intercepting commands at the PreToolUse hook stage. When a destructive pattern is detected, the agent is warned and must explicitly consent to proceed. It protects common dangerous operations while allowing safe exceptions (e.g., rm -rf node_modules).

Static Analysis Findings

1 finding

Patterns detected by deterministic static analysis before AI scoring. Hover over any finding code for detailed information and remediation guidance.

Destructive Operation
SEC-001Recursive Deletion4x in 1 fileMax: B

Recursive deletion pattern (rm -rf)

SKILL.mdrm -rf4x

Detected Capabilities

bash command interceptionpattern matchingpermission decision workflowanalytics logging

Trigger Keywords

Phrases that MCP clients use to match this skill to user intent.

warn before destructivesafety modecareful modeprevent accidental deleteproduction safeguard

Risk Signals

INFO

rm -rf pattern matches

SKILL.md (multiple documented in protected patterns table)
INFO

Analytics data logged to ~/.gstack/analytics/skill-usage.jsonl

SKILL.md | Line: Bash code block with echo to ~/.gstack/analytics/

Use Cases

  • Prevent accidental data loss in production environments
  • Add confirmation prompts before destructive git operations
  • Safeguard against unintended database drops or truncations
  • Protect shared environments from inadvertent container/pod deletions
  • Enable careful mode when debugging live systems

Quality Notes

  • Skill clearly documents its protective scope with a well-organized table of dangerous patterns and their risks
  • Safe exceptions are explicitly listed (node_modules, .next, dist, etc.), showing thoughtful design to avoid false positives
  • The PreToolUse hook mechanism is the correct architectural choice for intercepting commands before execution
  • Instructions explain how the skill works, how to override warnings, and how to deactivate it
  • Trigger keywords ('be careful', 'warn before destructive', 'safety mode') are appropriate and discoverable
  • The skill logs usage analytics but does so safely (local filesystem only, no external transmission)
  • Some implementation details are missing: the check-careful.sh script is referenced but not included in the manifest
Model: claude-haiku-4-5-20251001Analyzed: Jul 12, 2026

Reviews

Add this skill to your library to leave a review.

No reviews yet

Be the first to share your experience.

Use garrytan/careful in your dev environment

Command Palette

Search for a command to run...