name	careful
version	0.1.0
description	Safety guardrails for destructive commands. Warns before rm -rf, DROP TABLE, force-push, git reset --hard, kubectl delete, and similar destructive operations. User can override each warning. Use when touching prod, debugging live systems, or working in a shared environment. Use when asked to "be careful", "safety mode", "prod mode", or "careful mode". (Nexus)
allowed-tools	["Bash","Read"]
hooks	{"PreToolUse":[{"matcher":"Bash","hooks":[{"type":"command","command":"bash ${CLAUDE_SKILL_DIR}/../../../runtimes/hooks/careful/bin/check-careful.sh","statusMessage":"Checking for destructive commands..."}]}]}

/careful — Destructive Command Guardrails

Overview

This skill enables a bash preflight safety check. It does not prohibit all risky work; it forces an explicit warning and user decision before known destructive command patterns run.

Safety mode is now active. Every bash command will be checked for destructive patterns before running. If a destructive command is detected, you'll be warned and can choose to proceed or cancel.

Workflow

Confirm /careful is active for the current session.
Continue normal work.
When a destructive Bash command is detected, stop and show the warning.
Run the command only if the user explicitly chooses to proceed.
If the command is not needed, choose a safer alternative and explain it.

What's protected

Pattern	Example	Risk
`rm -rf` / `rm -r` / `rm --recursive`	`rm -rf /var/data`	Recursive delete
`DROP TABLE` / `DROP DATABASE`	`DROP TABLE users;`	Data loss
`TRUNCATE`	`TRUNCATE orders;`	Data loss
`git push --force` / `-f`	`git push -f origin main`	History rewrite
`git reset --hard`	`git reset --hard HEAD~3`	Uncommitted work loss
`git checkout .` / `git restore .`	`git checkout .`	Uncommitted work loss
`kubectl delete`	`kubectl delete pod`	Production impact
`docker rm -f` / `docker system prune`	`docker system prune -a`	Container/image loss

Safe exceptions

These patterns are allowed without warning:

rm -rf node_modules / .next / dist / __pycache__ / .cache / build / .turbo / coverage

How it works

The hook reads the command from the tool input JSON, checks it against the patterns above, and returns permissionDecision: "ask" with a warning message if a match is found. You can always override the warning and proceed.

To deactivate, end the conversation or start a new one. Hooks are session-scoped.

Output Contract

When activated, report that destructive-command checking is active and list the most important protected categories for the current task. If a warning triggers, the output must state the exact risky command category and whether the user chose to proceed or cancel.

Verification Evidence

Before claiming the guardrail is available, verify the skill hook is present in this skill file and that destructive categories are documented above. During use, the evidence is the hook warning before the command runs, plus the user's explicit decision for that command.

name	careful
version	0.1.0
description	Safety guardrails for destructive commands. Warns before rm -rf, DROP TABLE, force-push, git reset --hard, kubectl delete, and similar destructive operations. User can override each warning. Use when touching prod, debugging live systems, or working in a shared environment. Use when asked to "be careful", "safety mode", "prod mode", or "careful mode". (Nexus)
allowed-tools	["Bash","Read"]
hooks	{"PreToolUse":[{"matcher":"Bash","hooks":[{"type":"command","command":"bash ${CLAUDE_SKILL_DIR}/../../../runtimes/hooks/careful/bin/check-careful.sh","statusMessage":"Checking for destructive commands..."}]}]}