Exécutez n'importe quel Skill dans Manus
en un clic

Exécutez n'importe quel Skill dans Manus en un clic

destructive-command-protection

Étoiles1

Forks0

Mis à jour18 février 2026 à 14:25

Runtime enforcement hook that blocks destructive system and database commands. Prevents accidental rm -rf, database drops, and other irreversible operations. Auto-loaded for all command execution.

Installation

Installer avec Codex ou Claude Copiez ce prompt, collez-le dans Codex, Claude ou un autre assistant, puis laissez-le vérifier la page du skill et l'installer pour vous.

Exécuter dans Manus

Source

hypeJunction

hypeJunction/ai-assistant-starter

Ouvrir le dépôt GitHub Voir les dépôts du créateur

Téléchargement

Exécuter dans Manus

Métiers associésSOC

Basé sur la classification professionnelle SOC

Analystes en sécurité de l'informationProfessions informatiques et mathématiques·SOC 15-1212

Explorateur de fichiers

2 fichiers

SKILL.md

readonly

Plus depuis ce dépôt

même dépôt

finish

hypeJunction/ai-assistant-starter

End-of-session routine. Ensures test coverage, performs self-review, runs validation, and commits cleanly. Use when finishing a unit of work.

2026-03-161

implement

hypeJunction/ai-assistant-starter

Full feature implementation workflow with explore, plan, code, test, validate, and commit phases. Use for new features, enhancements, or significant code changes.

2026-03-161

iterate-pr

hypeJunction/ai-assistant-starter

Iterate on an open PR until CI passes and all review feedback is addressed. Fetches status, categorizes findings by severity, applies fixes, and loops until clean.

2026-03-161

plan

hypeJunction/ai-assistant-starter

Create a detailed implementation plan without writing code. Read-only analysis and planning with user approval gate. Use before implementing features or making significant changes.

2026-03-161

security-review

hypeJunction/ai-assistant-starter

Systematic security audit with confidence-based reporting. Analyzes attack surfaces, checks against OWASP categories, and reports only confirmed or likely vulnerabilities. Use for pre-merge security review or periodic audits.

2026-03-161

validate

hypeJunction/ai-assistant-starter

Run validation checks to ensure code quality, security, and correctness. Supports quick (scoped), full (CI pipeline), fix (auto-correct), and CI mirror modes.

2026-03-161

name	destructive-command-protection
description	Runtime enforcement hook that blocks destructive system and database commands. Prevents accidental rm -rf, database drops, and other irreversible operations. Auto-loaded for all command execution.
category	enforcement
user-invocable	false

Destructive Command Protection

Runtime enforcement hook for Claude Code's PreToolUse hook system. Intercepts Bash tool calls and blocks commands that could cause irreversible damage.

Blocked Operations

Filesystem

Command Pattern	Risk	Action
`rm -rf /` or `rm -rf ~` or `rm -rf .`	Filesystem destruction	Block
`rm -rf /etc`, `/usr`, `/var`, `/boot`, `/home`	System directory deletion	Block
`rm -rf $HOME`	Home directory deletion	Block

Safe targets (allowed): node_modules, dist/, build/, .next/, .cache/, coverage/, .turbo/, tmp/, .tmp/, out/

Database & Data Stores

Command Pattern	Risk	Action
`DROP DATABASE` / `DROP SCHEMA`	Database destruction	Block
`TRUNCATE TABLE` (without IF EXISTS)	Mass data deletion	Block
`redis-cli FLUSHALL` / `FLUSHDB`	Wipes all Redis data	Block
`mongosh db.dropDatabase()` / `.drop()`	MongoDB destruction	Block

Git

Command Pattern	Risk	Action
`git stash drop`	Permanently deletes a stash entry	Block
`git stash clear`	Permanently deletes all stashes	Block

System

Command Pattern	Risk	Action
`mkfs` / `dd if= of=/dev/`	Disk formatting/overwrite	Block
`> /dev/sda` or writes to block devices	Disk corruption	Block
`chmod -R 777 /`	Security degradation	Block
`:(){ :	:& };:` (fork bomb)	System crash
`kill -9 1` / `kill -9 -1`	System process termination	Block

Containers

Command Pattern	Risk	Action
`docker system prune`	Removes all unused containers, images, volumes	Block
`docker volume prune`	Removes all unused volumes with data	Block
`docker container prune` / `image prune`	Mass container/image removal	Block
`docker compose down -v`	Removes volumes with persistent data	Block

Infrastructure as Code

Command Pattern	Risk	Action
`terraform destroy`	Tears down infrastructure	Block
`terraform apply -auto-approve`	Applies without review	Block
`pulumi destroy`	Tears down infrastructure	Block

Package Publishing

Command Pattern	Risk	Action
`npm publish` / `yarn publish`	Irreversible public release	Block
`gem push` / `twine upload` / `cargo publish`	Irreversible public release	Block

Cloud Resources

Command Pattern	Risk	Action
`aws ec2 terminate-instances`	Destroys EC2 instances	Block
`aws rds delete-db-instance`	Destroys RDS database	Block
`aws cloudformation delete-stack`	Destroys CloudFormation stack	Block
`aws secretsmanager delete-secret`	Destroys secrets	Block
`aws iam delete-role`	Removes IAM role	Block
`gcloud compute instances delete`	Destroys GCE instance	Block
`gcloud sql instances delete`	Destroys Cloud SQL instance	Block
`gcloud projects delete`	Destroys GCP project	Block
`az vm delete` / `az group delete`	Destroys Azure resources	Block
`az storage account delete` / `az keyvault delete`	Destroys Azure storage/keys	Block

Kubernetes

Command Pattern	Risk	Action
`kubectl delete namespace` / `ns`	Mass resource deletion	Block
`kubectl delete ... --all`	Mass resource deletion	Block
`kubectl drain`	Evicts all pods from node	Block

Network & Storage

Command Pattern	Risk	Action
`rsync --delete`	Removes destination files not in source	Block
`aws s3 rm --recursive` / `aws s3 rb --recursive`	Mass S3 deletion	Block
`gsutil rm -r`	Mass GCS deletion	Block
`azcopy remove --recursive`	Mass Azure blob deletion	Block

Bypass Prevention

Technique	Detection	Action
`bash -c "blocked command"`	Shell wrapper extraction	Block
`sh -c 'blocked command'`	Shell wrapper extraction	Block
`python -c "os.system(...)"`	Interpreter one-liner scan	Block
`node -e "execSync(...)"`	Interpreter one-liner scan	Block
`ruby -e "system(...)"`	Interpreter one-liner scan	Block

Installation

Add to your Claude Code settings (~/.claude/settings.json or project .claude/settings.json):

{
  "hooks": {
    "PreToolUse": [
      {
        "matcher": "Bash",
        "hooks": [
          {
            "type": "command",
            "command": "node .claude/skills/destructive-command-protection/references/hook.js"
          }
        ]
      }
    ]
  }
}

Acceptance Tests

ID	Type	Condition	Expected
DC-T1	Block	`rm -rf /`	Blocked
DC-T2	Block	`rm -rf ~`	Blocked
DC-T3	Block	`DROP DATABASE production`	Blocked
DC-T4	Block	`chmod -R 777 /`	Blocked
DC-T5	Allow	`rm -rf ./node_modules`	Allowed (safe target)
DC-T6	Allow	`rm -rf dist/`	Allowed (build artifact)
DC-T7	Allow	`DROP TABLE IF EXISTS temp_migration`	Allowed (TABLE not matched)
DC-T8	Block	`dd if=/dev/zero of=/dev/sda`	Blocked
DC-T9	Block	`git stash clear`	Blocked
DC-T10	Allow	`git stash pop`	Allowed (not destructive)
DC-T11	Block	`bash -c "rm -rf /"`	Blocked (shell wrapper)
DC-T12	Block	`python -c "import shutil; shutil.rmtree(...)"`	Blocked (interpreter)
DC-T13	Block	`docker system prune`	Blocked
DC-T14	Allow	`docker compose down`	Allowed (no -v)
DC-T15	Block	`terraform destroy`	Blocked
DC-T16	Allow	`terraform plan`	Allowed (read-only)
DC-T17	Block	`npm publish`	Blocked
DC-T18	Block	`aws ec2 terminate-instances`	Blocked
DC-T19	Block	`kubectl delete namespace production`	Blocked
DC-T20	Allow	`kubectl get pods`	Allowed (read-only)
DC-T21	Block	`rsync --delete src/ dest/`	Blocked
DC-T22	Block	`aws s3 rm --recursive`	Blocked
DC-T23	Block	`redis-cli FLUSHALL`	Blocked
DC-T24	Block	`mongosh --eval "db.dropDatabase()"`	Blocked