with one click
careful
Safety guardrails for destructive commands. (gstack)
Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.
Menu
Safety guardrails for destructive commands. (gstack)
Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.
Based on SOC occupation classification
| name | careful |
| version | 0.1.0 |
| description | Safety guardrails for destructive commands. (gstack) |
| triggers | ["be careful","warn before destructive","safety mode"] |
| allowed-tools | ["Bash","Read"] |
| hooks | {"PreToolUse":[{"matcher":"Bash","hooks":[{"type":"command","command":"bash $HOME/.claude/skills/gstack/careful/bin/check-careful.sh","statusMessage":"Checking for destructive commands..."}]}]} |
Warns before rm -rf, DROP TABLE, force-push, git reset --hard, kubectl delete, and similar destructive operations. User can override each warning. Use when touching prod, debugging live systems, or working in a shared environment. Use when asked to "be careful", "safety mode", "prod mode", or "careful mode".
Safety mode is now active. Every bash command will be checked for destructive patterns before running. If a destructive command is detected, you'll be warned and can choose to proceed or cancel.
mkdir -p ~/.gstack/analytics
echo '{"skill":"careful","ts":"'$(date -u +%Y-%m-%dT%H:%M:%SZ)'","repo":"'$(basename "$(git rev-parse --show-toplevel 2>/dev/null)" 2>/dev/null || echo "unknown")'"}' >> ~/.gstack/analytics/skill-usage.jsonl 2>/dev/null || true
| Pattern | Example | Risk |
|---|---|---|
rm -rf / rm -r / rm --recursive | rm -rf /var/data | Recursive delete |
DROP TABLE / DROP DATABASE | DROP TABLE users; | Data loss |
TRUNCATE | TRUNCATE orders; | Data loss |
git push --force / -f | git push -f origin main | History rewrite |
git reset --hard | git reset --hard HEAD~3 | Uncommitted work loss |
git checkout . / git restore . | git checkout . | Uncommitted work loss |
kubectl delete | kubectl delete pod | Production impact |
docker rm -f / docker system prune | docker system prune -a | Container/image loss |
These patterns are allowed without warning:
rm -rf node_modules / .next / dist / __pycache__ / .cache / build / .turbo / coverageThe hook reads the command from the tool input JSON, checks it against the
patterns above, and returns permissionDecision: "ask" with a warning message
if a match is found. You can always override the warning and proceed.
To deactivate, end the conversation or start a new one. Hooks are session-scoped.
Auto-review pipeline — reads the full CEO, design, eng, and DX review skills from disk and runs them sequentially with auto-decisions using 6 decision principles. (gstack)
Cross-model benchmark for gstack skills. (gstack)
Performance regression detection using the browse daemon. (gstack)
Fast headless browser for QA testing and site dogfooding. (gstack)
Post-deploy canary monitoring. (gstack)
OpenAI Codex CLI wrapper — three modes. (gstack)