cc-safe-setup
🚀 Launching on Product Hunt — April 21! Follow us and upvote to support open source safety for AI coding agents.
One command to make Claude Code safe for autonomous operation. 719 example hooks · 9,200+ tests · 30K+ total installs · 日本語
npx cc-safe-setup
Installs 8 safety hooks in ~10 seconds. Blocks rm -rf /, prevents pushes to main, catches secret leaks, validates syntax after every edit. Zero npm dependencies. Hooks use jq at runtime (brew install jq / apt install jq).
What's a hook? A checkpoint that runs before Claude executes a command. Like airport security — it inspects what's about to happen and blocks anything dangerous before it reaches the gate.
▶ Live Demo (see hooks block rm -rf in your browser) · Incident Tracker (90 real incidents) · Token Checkup (what type are you?) · All 8 Tools
cc-safe-setup
Make Claude Code safe for autonomous operation
Prevents real incidents (from GitHub Issues):
✗ rm -rf permanently destroyed ~50 GB / 1,500 files (#49129) ← April 2026
✗ Auto mode approved ~/.ssh deletion — all SSH keys gone (#49554)
✗ ~/.git-credentials PATs deleted without confirmation (#49539)
✗ rm -rf deleted 3,467 files (~7 GB) without confirmation (#46058)
✗ rm -rf deleted entire user directory via NTFS junction (#36339)
✗ Remove-Item -Recurse -Force destroyed unpushed source (#37331)
✗ Entire Mac filesystem deleted during cleanup (#36233)
✗ Untested code pushed to main at 3am
✗ Force-push rewrote shared branch history
✗ API keys committed to public repos via git add .
✗ Syntax errors cascading through 30+ files
✗ Sessions losing all context with no warning
✗ CLAUDE.md rules silently ignored after context compaction
✗ Claude ran destructive DDL on production database (#46684)
✗ AI executed delete/kill operations on production environment (#46650)
✗ Subagents ignoring all CLAUDE.md rules since v2.1.84 (#40459)
Hooks to install:
● Destructive Command Blocker
● Branch Push Protector
● Post-Edit Syntax Validator
● Context Window Monitor
● Bash Comment Stripper
● cd+git Auto-Approver
● Secret Leak Prevention
Install all 8 safety hooks? [Y/n] Y
✓ Done. 8 safety hooks installed.
Why This Exists
A user lost 3,467 files (~7 GB) when Claude ran rm -rf on their data directory without confirmation. Another lost their entire C:\Users directory when rm -rf followed NTFS junctions. Another lost all source code when Claude ran Remove-Item -Recurse -Force * on a repo. One user's Claude ran destructive DDL on a production database when asked only to investigate. Another had Claude execute delete and kill operations on production systems. Others had untested code pushed to main at 3am. API keys got committed via git add .. Syntax errors cascaded through 30+ files before anyone noticed. And CLAUDE.md rules get silently dropped after context compaction — your instructions vanish mid-session.
One user analyzed 6,852 sessions and found the Read:Edit ratio dropped from 6.6 to 2.0 — Claude editing files it never read jumped from 6% to 34%. That issue has over 2,100 reactions. The read-before-edit example hook catches this pattern before damage happens.
In April 2026, $1,446 was transferred without authorization when Claude moved funds between exchange accounts. A user lost $367 and got their account suspended from a Claude-generated script. Physical coordinates were uploaded to a public website despite 17 sessions of "no PII" in CLAUDE.md. And deny rules can be bypassed with 50+ subcommands.