⚠️

gstack: Destructive Command Guardrails

Warns before running rm -rf, DROP TABLE, force-push, git reset --hard, kubectl delete, and similar destructive operations. You can override each warning. Scoped to the current session.

by @garrytan · MIT · 63.2k New
Built for: Developers devops

What this skill does

Use this when working on production systems, live databases, or shared infrastructure — anywhere a wrong command has consequences you can't easily undo.

@garrytan · Development
view on github ↗

name: careful version: 0.1.0 description: | Safety guardrails for destructive commands. Warns before rm -rf, DROP TABLE, force-push, git reset —hard, kubectl delete, and similar destructive operations. User can override each warning. Use when touching prod, debugging live systems, or working in a shared environment. Use when asked to “be careful”, “safety mode”, “prod mode”, or “careful mode”. (gstack) allowed-tools:

  • Bash
  • Read hooks: PreToolUse:
    • matcher: “Bash” hooks:
      • type: command command: “bash ${CLAUDE_SKILL_DIR}/bin/check-careful.sh” statusMessage: “Checking for destructive commands…”

/careful — Destructive Command Guardrails

Safety mode is now active. Every bash command will be checked for destructive patterns before running. If a destructive command is detected, you’ll be warned and can choose to proceed or cancel.

mkdir -p ~/.gstack/analytics
echo '{"skill":"careful","ts":"'$(date -u +%Y-%m-%dT%H:%M:%SZ)'","repo":"'$(basename "$(git rev-parse --show-toplevel 2>/dev/null)" 2>/dev/null || echo "unknown")'"}'  >> ~/.gstack/analytics/skill-usage.jsonl 2>/dev/null || true

What’s protected

PatternExampleRisk
rm -rf / rm -r / rm --recursiverm -rf /var/dataRecursive delete
DROP TABLE / DROP DATABASEDROP TABLE users;Data loss
TRUNCATETRUNCATE orders;Data loss
git push --force / -fgit push -f origin mainHistory rewrite
git reset --hardgit reset --hard HEAD~3Uncommitted work loss
git checkout . / git restore .git checkout .Uncommitted work loss
kubectl deletekubectl delete podProduction impact
docker rm -f / docker system prunedocker system prune -aContainer/image loss

Safe exceptions

These patterns are allowed without warning:

  • rm -rf node_modules / .next / dist / __pycache__ / .cache / build / .turbo / coverage

How it works

The hook reads the command from the tool input JSON, checks it against the patterns above, and returns permissionDecision: "ask" with a warning message if a match is found. You can always override the warning and proceed.

To deactivate, end the conversation or start a new one. Hooks are session-scoped.

Install this Skill

Skills give your AI agent a consistent, structured approach to this task — better output than a one-off prompt.

git clone --single-branch --depth 1 https://github.com/garrytan/gstack.git ~/.claude/skills/gstack && cd ~/.claude/skills/gstack && ./setup
Download ZIP

Community skill by @garrytan. Need a walkthrough? See the install guide →

Installs the full gstack bundle — all 33 skills — into ~/.claude/skills/gstack/. Works with Claude Code, Codex CLI, and Gemini CLI.

Works with

Claude Code OpenAI Codex CLI Gemini CLI

Prefer no terminal? Download the ZIP and place it manually.

Details

Category
Development
License
MIT
Author
@garrytan
Source
GitHub →
Source file
show path careful/SKILL.md
View raw SKILL.md
gstack safety production