npx claudepluginhub yurukusa/cc-safe-setup --plugin git-protectionDefined inline in plugin.json manifest
BashCMD=$(echo "$CC_TOOL_INPUT" | jq -r '.command' 2>/dev/null); if echo "$CMD" | grep -qE 'git\s+push.*--force|git\s+push.*-f\b'; then echo 'BLOCKED: Force push. Use --force-with-lease for safer alternative.' >&2; exit 2; fiBashCMD=$(echo "$CC_TOOL_INPUT" | jq -r '.command' 2>/dev/null); if echo "$CMD" | grep -qE 'git\s+push\s+(origin\s+)?(main|master)\b'; then echo 'BLOCKED: Direct push to main/master. Use a feature branch and PR.' >&2; exit 2; fiBashCMD=$(echo "$CC_TOOL_INPUT" | jq -r '.command' 2>/dev/null); if echo "$CMD" | grep -qE 'git\s+reset\s+--hard'; then echo 'BLOCKED: git reset --hard. Use git stash or git reset --soft.' >&2; exit 2; fiBashCMD=$(echo "$CC_TOOL_INPUT" | jq -r '.command' 2>/dev/null); if echo "$CMD" | grep -qE 'git\s+clean\s+-fd|git\s+clean\s+-f'; then echo 'BLOCKED: git clean removes untracked files permanently. Review with git clean -n first.' >&2; exit 2; fiBashCMD=$(echo "$CC_TOOL_INPUT" | jq -r '.command' 2>/dev/null); if echo "$CMD" | grep -qE 'git\s+branch\s+-D'; then echo 'BLOCKED: Force branch deletion. Use -d (safe delete) instead of -D.' >&2; exit 2; fiRuns Node.js script 'check-git-commit-skill.js' on PreToolUse for Bash tools, enabling git commit validation before bash execution. Can block tools; touches bash.
Share bugs, ideas, or general feedback.