Jeden Skill in Manus ausführen
mit einem Klick

Jeden Skill in Manus mit einem Klick ausführen

dcg

Sterne0

Forks0

Aktualisiert8. Mai 2026 um 12:40

Handle blocked destructive commands. Use when dcg blocks rm -rf, git reset --hard, DROP DATABASE, kubectl delete, or when configuring agent safety guardrails.

Installation

Mit Codex oder Claude installieren Kopieren Sie diesen Prompt, fügen Sie ihn in Codex, Claude oder einen anderen Assistant ein und lassen Sie die Skill-Seite prüfen und installieren.

In Manus ausführen

Quelle

oysteinkrog

oysteinkrog/dotfiles

GitHub-Repository öffnen Creator-Repositorys ansehen

Download

In Manus ausführen

Verwandte BerufeSOC

Basierend auf der SOC-Berufsklassifikation

SoftwareentwicklerInformatik- und Mathematikberufe·SOC 15-1252

Datei-Explorer

9 Dateien

SKILL.md

readonly

name	dcg
description	Handle blocked destructive commands. Use when dcg blocks rm -rf, git reset --hard, DROP DATABASE, kubectl delete, or when configuring agent safety guardrails.

DCG: When You Get Blocked

Core Insight: Blocks are checkpoints, not errors. A safe alternative almost always exists. Find it before mentioning override.

Quick Navigation

I need to...	Go to
Handle a block right now	THE EXACT WORKFLOW
Find a safe alternative	Safe Alternatives
See all CLI commands	COMMANDS.md
Enable more rule packs	PACKS.md
Configure per-project	CONFIG.md
Debug hook issues	TROUBLESHOOTING.md

THE EXACT WORKFLOW

When blocked, follow this sequence every time:

1. Run `dcg explain "cmd"` → Understand why (see trace)
2. Check Safe Alternatives table → Use if exists (DON'T mention override)
3. No alternative? → Explain risk clearly, let human decide
4. Human approves? → THEY run: dcg allow-once CODE

Never: Ask for override first. Never retry silently. Never circumvent.

Example block output:

BLOCKED: git reset --hard HEAD
Rule: core.git:reset-hard
Reason: Discards uncommitted changes permanently
Allow-once code: ab12
Safer alternative: git stash

Good response:

"I wanted to discard changes but git reset --hard was blocked. Let me use git stash instead—recoverable if needed." [proceeds with stash]

Safe Alternatives

Blocked	Use Instead	Why
`git reset --hard`	`git stash`	Recoverable
`git checkout -- file`	`git stash push file`	Preserves changes
`git push --force`	`git push --force-with-lease`	Checks remote unchanged
`git clean -fd`	`git clean -fdn` (preview)	Shows what would delete
`git stash drop`	`git stash list` first	Verify which stash
`rm -rf /path`	`rm -ri /path` or verify path	Interactive/confirm
`kubectl delete namespace`	`kubectl delete -l app=X`	Selective deletion
`DROP DATABASE`	Backup first	Human approves
`docker system prune -a`	`docker system df` first	See what's used

Quick Reference

dcg doctor              # Health check — hook registered?
dcg explain "cmd"       # WHY is it blocked? (with trace)
dcg test "cmd"          # Would this be blocked? (dry-run)
dcg allow-once CODE     # Human approves (THEY run this)
dcg packs               # List available rule packs
dcg scan --staged       # Pre-commit: scan for issues

What Gets Blocked

Category	Patterns	Safe Variants
Git destructive	`reset --hard`, `checkout --`	`stash`, `restore --staged`
Git history	`push --force`, `branch -D`	`--force-with-lease`, `-d`
Git stash	`stash drop`, `stash clear`	`stash list` first
Filesystem	`rm -rf` (dangerous paths)	`/tmp/*` allowed
Database	`DROP`, `TRUNCATE`, `DELETE` w/o WHERE	Add WHERE clause
K8s	`delete namespace`, `delete --all`	`-l` label selector

Context-aware: rm -rf ./build allowed, rm -rf / blocked.

dcg explain example (7-step pipeline):

$ dcg explain "git reset --hard HEAD"
BLOCKED by core.git:reset-hard

Evaluation trace:
  1. Config allow overrides: no match
  2. Config block overrides: no match
  3. Heredoc detection: not applicable
  4. Quick reject: triggered (contains "reset")
  5. Context sanitization: no changes
  6. Normalization: git reset --hard HEAD
  7. Pack evaluation:
     - Safe patterns: no match
     - Destructive: MATCH "reset --hard"

Suggestion: Use `git stash` to preserve changes

Anti-Patterns

❌ "Command blocked. Run dcg allow-once ab12"  → Find alternative first!
❌ *Retrying silently or circumventing*         → Always acknowledge blocks
❌ Treating blocks as errors                    → They're checkpoints
❌ Asking user to allow-once without explaining → They need context

Configuration

# .dcg.toml — enable rule packs per-project
[packs]
enabled = ["database.postgresql", "kubernetes.kubectl", "cloud.aws"]

[overrides]
allow_patterns = ["rm -rf ./node_modules"]  # Project-specific safe

Environment variables:

DCG_PACKS="containers.docker,kubernetes" — Enable packs
DCG_DISABLE="kubernetes.helm" — Disable specific packs
DCG_BYPASS=1 — Escape hatch (human-only)

Key Facts

49+ rule packs available (database, containers, k8s, cloud, etc.)
Sub-millisecond latency — won't slow your workflow
Fail-open on timeout — if DCG hangs, command runs (with warning)
Heredoc scanning — inline scripts (bash -c, python -c) are analyzed
Allow-once codes — 4 hex chars, 24h expiry, bound to exact command+directory

The Incident That Started It All

On December 17, 2025, an AI agent ran git checkout -- on files containing hours of uncommitted work. The files were recovered via git fsck --lost-found, but it proved: instructions don't prevent execution—mechanical enforcement does.

Validation

# Quick health check
dcg doctor | head -20

# Test if a command would be blocked
dcg test "git reset --hard HEAD"

# Should show: WOULD BE BLOCKED

Scripts

Script	Usage
`./scripts/validate-dcg.sh`	Full installation validation

References

COMMANDS.md — Full CLI reference with dcg explain, dcg scan
PACKS.md — 49+ rule pack system (database, k8s, cloud, etc.)
CONFIG.md — Configuration, agent profiles, heredoc settings
SCENARIOS.md — Detailed examples with good/bad responses
PHILOSOPHY.md — Why DCG works this way
TROUBLESHOOTING.md — Common issues and fixes

Mehr aus diesem Repository

gleiches Repository

consult-oracles

oysteinkrog/dotfiles

Consult Fable (primary oracle) for expert second opinions; escalate to GPT-5.5-Pro only for extremely important or complex tasks (always paired with Fable). Use for complex decisions, architecture choices, debugging hard problems, or when user says "consult oracles", "ask the experts", or wants a second opinion.

2026-06-100

oracle-review

oysteinkrog/dotfiles

Run iterative oracle + agent hardening loop on any artifact (designs, plans, beads, architecture) until findings converge to near-zero. Combines /swarm-oracle with /swarm-review in alternating rounds. Use for the full hardening cycle, not just a single oracle pass. For oracle-only, use /swarm-oracle. For bead-only hardening, use /swarm-beads-quality.

2026-06-100

oracle-consensus

oysteinkrog/dotfiles

Run 2x oracle sessions (FOR + AGAINST stances) to validate design decisions, plans, or bead readiness. Default = two Fable subagents; escalate to PAL 2x GPT-Pro (always paired with Fable) for extremely important or complex validations. Use after design rounds, before implementation, or to challenge architecture decisions.

2026-06-100

sync-human

oysteinkrog/dotfiles

Act as a wise, effective teacher whose goal is to make the human deeply understand the work done in this session (a change, a bug fix, a feature, a design) — i.e. sync the human's mental model up to the agent's. Use when the user says "sync-human", "sync me up", "teach me this session", "make sure I understand", "walk me through what we did", "quiz me on this", or "I want to actually understand this PR/change", or otherwise wants Socratic, gated, incremental teaching with comprehension checks rather than a one-shot summary. Drives understanding at both high level (motivation, impact) and low level (business logic, edge cases) using a running checklist and quizzes.

2026-06-050

agent-mail

oysteinkrog/dotfiles

MCP Agent Mail for multi-agent coordination. Use when agents need file locks, messaging, inboxes, or conflict prevention. Handles macro_start_session, file_reservation_paths, send_message, threading, pre-commit guards.

2026-05-290

secret-lookup

oysteinkrog/dotfiles

Retrieve API tokens, keys, and credentials Oystein has stored locally. Use whenever code, scripts, or shell commands need a secret value: GitHub tokens, Cloudflare, HubSpot, Slack, Zendesk, Jira, Sentry, Anthropic, Apify, Browserbase, Google OAuth, Huma. Use BEFORE searching shell history, session logs, dotfiles, or the filesystem — the canonical store is documented here and the values are reachable via two fish helpers. Also use when adding, rotating, or removing a credential.

2026-05-110

name	dcg
description	Handle blocked destructive commands. Use when dcg blocks rm -rf, git reset --hard, DROP DATABASE, kubectl delete, or when configuring agent safety guardrails.

DCG: When You Get Blocked

Core Insight: Blocks are checkpoints, not errors. A safe alternative almost always exists. Find it before mentioning override.

Quick Navigation

I need to...	Go to
Handle a block right now	THE EXACT WORKFLOW
Find a safe alternative	Safe Alternatives
See all CLI commands	COMMANDS.md
Enable more rule packs	PACKS.md
Configure per-project	CONFIG.md
Debug hook issues	TROUBLESHOOTING.md

THE EXACT WORKFLOW

When blocked, follow this sequence every time:

1. Run `dcg explain "cmd"` → Understand why (see trace)
2. Check Safe Alternatives table → Use if exists (DON'T mention override)
3. No alternative? → Explain risk clearly, let human decide
4. Human approves? → THEY run: dcg allow-once CODE

Never: Ask for override first. Never retry silently. Never circumvent.

Example block output:

BLOCKED: git reset --hard HEAD
Rule: core.git:reset-hard
Reason: Discards uncommitted changes permanently
Allow-once code: ab12
Safer alternative: git stash

Good response:

"I wanted to discard changes but git reset --hard was blocked. Let me use git stash instead—recoverable if needed." [proceeds with stash]

Safe Alternatives

Blocked	Use Instead	Why
`git reset --hard`	`git stash`	Recoverable
`git checkout -- file`	`git stash push file`	Preserves changes
`git push --force`	`git push --force-with-lease`	Checks remote unchanged
`git clean -fd`	`git clean -fdn` (preview)	Shows what would delete
`git stash drop`	`git stash list` first	Verify which stash
`rm -rf /path`	`rm -ri /path` or verify path	Interactive/confirm
`kubectl delete namespace`	`kubectl delete -l app=X`	Selective deletion
`DROP DATABASE`	Backup first	Human approves
`docker system prune -a`	`docker system df` first	See what's used

Quick Reference

dcg doctor              # Health check — hook registered?
dcg explain "cmd"       # WHY is it blocked? (with trace)
dcg test "cmd"          # Would this be blocked? (dry-run)
dcg allow-once CODE     # Human approves (THEY run this)
dcg packs               # List available rule packs
dcg scan --staged       # Pre-commit: scan for issues

What Gets Blocked

Category	Patterns	Safe Variants
Git destructive	`reset --hard`, `checkout --`	`stash`, `restore --staged`
Git history	`push --force`, `branch -D`	`--force-with-lease`, `-d`
Git stash	`stash drop`, `stash clear`	`stash list` first
Filesystem	`rm -rf` (dangerous paths)	`/tmp/*` allowed
Database	`DROP`, `TRUNCATE`, `DELETE` w/o WHERE	Add WHERE clause
K8s	`delete namespace`, `delete --all`	`-l` label selector

Context-aware: rm -rf ./build allowed, rm -rf / blocked.

dcg explain example (7-step pipeline):

$ dcg explain "git reset --hard HEAD"
BLOCKED by core.git:reset-hard

Evaluation trace:
  1. Config allow overrides: no match
  2. Config block overrides: no match
  3. Heredoc detection: not applicable
  4. Quick reject: triggered (contains "reset")
  5. Context sanitization: no changes
  6. Normalization: git reset --hard HEAD
  7. Pack evaluation:
     - Safe patterns: no match
     - Destructive: MATCH "reset --hard"

Suggestion: Use `git stash` to preserve changes

Anti-Patterns

❌ "Command blocked. Run dcg allow-once ab12"  → Find alternative first!
❌ *Retrying silently or circumventing*         → Always acknowledge blocks
❌ Treating blocks as errors                    → They're checkpoints
❌ Asking user to allow-once without explaining → They need context

Configuration

# .dcg.toml — enable rule packs per-project
[packs]
enabled = ["database.postgresql", "kubernetes.kubectl", "cloud.aws"]

[overrides]
allow_patterns = ["rm -rf ./node_modules"]  # Project-specific safe

Environment variables:

DCG_PACKS="containers.docker,kubernetes" — Enable packs
DCG_DISABLE="kubernetes.helm" — Disable specific packs
DCG_BYPASS=1 — Escape hatch (human-only)

Key Facts

49+ rule packs available (database, containers, k8s, cloud, etc.)
Sub-millisecond latency — won't slow your workflow
Fail-open on timeout — if DCG hangs, command runs (with warning)
Heredoc scanning — inline scripts (bash -c, python -c) are analyzed
Allow-once codes — 4 hex chars, 24h expiry, bound to exact command+directory

The Incident That Started It All

On December 17, 2025, an AI agent ran git checkout -- on files containing hours of uncommitted work. The files were recovered via git fsck --lost-found, but it proved: instructions don't prevent execution—mechanical enforcement does.

Validation

# Quick health check
dcg doctor | head -20

# Test if a command would be blocked
dcg test "git reset --hard HEAD"

# Should show: WOULD BE BLOCKED

Scripts

Script	Usage
`./scripts/validate-dcg.sh`	Full installation validation

References

COMMANDS.md — Full CLI reference with dcg explain, dcg scan
PACKS.md — 49+ rule pack system (database, k8s, cloud, etc.)
CONFIG.md — Configuration, agent profiles, heredoc settings
SCENARIOS.md — Detailed examples with good/bad responses
PHILOSOPHY.md — Why DCG works this way
TROUBLESHOOTING.md — Common issues and fixes