Skill

guard

Blocks destructive Bash commands like rm -rf, DROP TABLE, git force-push, reset --hard, and restricts file edits to a specific directory. Use for protection on critical systems.

Bash

Git

Docker

Kubernetes

security

npx claudepluginhub houseofmvps/ultraship --plugin ultraship

Configuration

Arguments: <directory-to-protect>

Tool Access

This skill is limited to using the following tools:

BashRead

Preview

Guard protects you from accidental destructive actions by intercepting dangerous commands before they execute. It uses Claude Code's PreToolUse hooks to catch risky patterns in real-time.

SKILL.md

Similar Skills

Safety Guard — Prevent Destructive Operations

149

Blocks destructive commands like rm -rf, git --force, DROP TABLE, docker prune, and restricts file edits to specified directories. Use on production systems and with autonomous agents.

awesome-claude-notes

safety-guard

175.2k

Blocks destructive commands like rm -rf, git --force-push, kubectl delete; restricts edits to specified directories for production systems or autonomous agents.

everything-claude-code

safe-mode

2.0k

Prevents destructive ops in Claude Code via /safe-mode: cautious warns on rm -rf/SQL drops/git force-push; lockdown restricts edits to one dir; clear resets.

pro-workflow

Stats

Stars78

Forks7

Last CommitApr 1, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Guard — Safety Guardrails

Guard protects you from accidental destructive actions by intercepting dangerous commands before they execute. It uses Claude Code's PreToolUse hooks to catch risky patterns in real-time.

Announce at start: "I'm activating Guard — destructive commands will be blocked until you explicitly approve them."

What Guard Blocks

Destructive Bash Commands

rm -rf / rm -r on important directories
DROP TABLE / DROP DATABASE / TRUNCATE
git push --force / git push -f (to main/master)
git reset --hard
git checkout . / git restore . (discard all changes)
git clean -f / git clean -fd
git branch -D (force delete branch)
kubectl delete (Kubernetes resource deletion)
docker system prune / docker volume rm
:> file / > file (truncate files)

File Edit Restrictions (Optional)

When the user specifies a directory to freeze to, Guard blocks edits outside that directory:

User: "Only edit files in src/api/"
→ Guard blocks Edit/Write calls to any path not under src/api/

How It Works

Guard installs PreToolUse hooks that run BEFORE Claude executes Bash, Edit, or Write tools:

Bash hook — Scans the command string for destructive patterns. If matched, outputs a warning and blocks execution.
Edit/Write hook — If a freeze directory is set, checks that the target file is within the allowed path.

The hooks are defined in this skill's configuration and activate when the skill is loaded.

Usage

Activate full protection

Just invoke /guard — destructive command blocking is immediate.

Set a directory freeze

Tell Claude which directory to restrict edits to:

"Only edit files in packages/api/"
"Freeze edits to src/components/"

Guard will write the freeze path to .ultraship/guard-freeze.txt and enforce it on all Edit/Write operations.

Remove freeze

"Unfreeze" or "Remove edit restrictions"

Override a blocked command

If Guard blocks something you actually need to run, explicitly confirm:

"Yes, I want to force-push to main"
"Confirmed: drop the users table"

Guard will allow explicitly confirmed destructive actions.

Integration with Other Skills

/investigate — Guard pairs well with investigation. No accidental fixes while diagnosing.
/deploy — Guard prevents accidental force-pushes during deployment.
/rescue — During incidents, Guard ensures rollback commands are deliberate.

Key Principles

Block by default, allow on confirmation. Better to stop and ask than to destroy.
No silent failures. Always explain what was blocked and why.
The user is sovereign. Explicit confirmation overrides any guard.
Minimal friction for safe operations. Guard only triggers on genuinely dangerous patterns.