| name | gs-freeze |
| version | 0.1.0 |
| description | Restrict file edits to one directory for the session while debugging. CARL TRIGGERS: freeze edits, lock to this directory, freeze the codebase, edit lock. SOURCE: garrytan/gstack/freeze, integrated as gs-freeze on 2026-05-29. |
| triggers | ["freeze edits to directory","lock editing scope","restrict file changes"] |
| allowed-tools | ["Bash","Read","AskUserQuestion"] |
| hooks | {"PreToolUse":[{"matcher":"Edit","hooks":[{"type":"command","command":"bash ${CLAUDE_SKILL_DIR}/bin/check-freeze.sh","statusMessage":"Checking freeze boundary..."}]},{"matcher":"Write","hooks":[{"type":"command","command":"bash ${CLAUDE_SKILL_DIR}/bin/check-freeze.sh","statusMessage":"Checking freeze boundary..."}]}]} |
INTEGRATION NOTE: Extracted from gstack and renamed gs-freeze (Phase 1B) to coexist with the host environment's CARL routing. Original gstack docs follow. Sibling gstack skills referenced below map to gs-* when installed (the 19-skill set); gstack-only infra (browse binary, gstack bin/ toolchain, ~/.gstack GBrain) is not installed here, so dependent steps degrade gracefully.
When to invoke this skill
Blocks Edit and
Write outside the allowed path. Use when debugging to prevent accidentally
"fixing" unrelated code, or when you want to scope changes to one module.
Use when asked to "freeze", "restrict edits", "only edit this folder",
or "lock down edits".
/freeze — Restrict Edits to a Directory
Lock file edits to a specific directory. Any Edit or Write operation targeting
a file outside the allowed path will be blocked (not just warned).
mkdir -p ~/.gstack/analytics
echo '{"skill":"freeze","ts":"'$(date -u +%Y-%m-%dT%H:%M:%SZ)'","repo":"'$(basename "$(git rev-parse --show-toplevel 2>/dev/null)" 2>/dev/null || echo "unknown")'"}' >> ~/.gstack/analytics/skill-usage.jsonl 2>/dev/null || true
Setup
Ask the user which directory to restrict edits to. Use AskUserQuestion:
- Question: "Which directory should I restrict edits to? Files outside this path will be blocked from editing."
- Text input (not multiple choice) — the user types a path.
Once the user provides a directory path:
- Resolve it to an absolute path:
FREEZE_DIR=$(cd "<user-provided-path>" 2>/dev/null && pwd)
echo "$FREEZE_DIR"
- Ensure trailing slash and save to the freeze state file:
FREEZE_DIR="${FREEZE_DIR%/}/"
eval "$(~/.claude/skills/gstack/bin/gstack-paths)"
STATE_DIR="$GSTACK_STATE_ROOT"
mkdir -p "$STATE_DIR"
echo "$FREEZE_DIR" > "$STATE_DIR/freeze-dir.txt"
echo "Freeze boundary set: $FREEZE_DIR"
Tell the user: "Edits are now restricted to <path>/. Any Edit or Write
outside this directory will be blocked. To change the boundary, run /freeze
again. To remove it, run /unfreeze or end the session."
How it works
The hook reads file_path from the Edit/Write tool input JSON, then checks
whether the path starts with the freeze directory. If not, it returns
permissionDecision: "deny" to block the operation.
The freeze boundary persists for the session via the state file. The hook
script reads it on every Edit/Write invocation.
Notes
- The trailing
/ on the freeze directory prevents /src from matching /src-old
- Freeze applies to Edit and Write tools only — Read, Bash, Glob, Grep are unaffected
- This prevents accidental edits, not a security boundary — Bash commands like
sed can still modify files outside the boundary
- To deactivate, run
/unfreeze or end the conversation