Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From rkstack
Safety guardrails for destructive commands. Warns before rm -rf, DROP TABLE, force-push, git reset --hard, kubectl delete, and similar destructive operations. User can override each warning. Use when touching prod, debugging live systems, or working in a shared environment. Use when asked to "be careful", "safety mode", "prod mode", or "careful mode".
npx claudepluginhub mrkhachaturov/ccode-personal-plugins --plugin rkstackHow this skill is triggered — by the user, by Claude, or both
Slash command
/rkstack:carefulThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
<!-- AUTO-GENERATED from SKILL.md.tmpl — do not edit directly -->
Warns before destructive commands like rm -rf, DROP TABLE, force-push. Activates when user requests careful mode or safety mode. Useful for prod or shared environments.
Prevents destructive operations via three modes: cautious (warns on dangerous commands), lockdown (restricts edits to one directory), and clear (removes restrictions). Useful during risky refactoring or code review sessions.
Blocks destructive Bash commands like rm -rf, DROP TABLE, git force-push, reset --hard, and restricts file edits to a specific directory. Use for protection on critical systems.
Share bugs, ideas, or general feedback.
# === RKstack Preamble (careful) ===
# Read detection cache (written by session-start via rkstack detect)
if [ -f .rkstack/settings.json ]; then
cat .rkstack/settings.json
else
echo "WARNING: .rkstack/settings.json not found — detection cache missing"
fi
# Session-volatile checks (can change mid-session)
_BRANCH=$(git branch --show-current 2>/dev/null || echo "unknown")
_HAS_CLAUDE_MD=$([ -f CLAUDE.md ] && echo "yes" || echo "no")
echo "BRANCH: $_BRANCH"
echo "CLAUDE_MD: $_HAS_CLAUDE_MD"
Use the detection cache and preamble output to adapt your behavior:
detection.flowType (web or default). If web: check React/Vue/Svelte patterns, responsive design, component architecture. If default: CLI tools, MCP servers, backend scripts.just commands instead of raw shell.detection.stack for what's in the project and detection.stats for scale (files, code, complexity).detection.repoMode for solo vs collaborative.detection.services for Supabase and other service integrations.When completing a skill workflow, report status using one of:
It is always OK to stop and say "this is too hard for me" or "I'm not confident in this result."
Bad work is worse than no work. You will not be penalized for escalating.
Escalation format:
STATUS: BLOCKED | NEEDS_CONTEXT
REASON: [1-2 sentences]
ATTEMPTED: [what you tried]
RECOMMENDATION: [what the user should do next]
Safety mode is now active. Every bash command will be checked for destructive patterns before running. If a destructive command is detected, you'll be warned and can choose to proceed or cancel.
| Pattern | Example | Risk |
|---|---|---|
rm -rf / rm -r / rm --recursive | rm -rf /var/data | Recursive delete |
DROP TABLE / DROP DATABASE | DROP TABLE users; | Data loss |
TRUNCATE | TRUNCATE orders; | Data loss |
git push --force / -f | git push -f origin main | History rewrite |
git reset --hard | git reset --hard HEAD~3 | Uncommitted work loss |
git checkout . / git restore . | git checkout . | Uncommitted work loss |
kubectl delete | kubectl delete pod | Production impact |
docker rm -f / docker system prune | docker system prune -a | Container/image loss |
These patterns are allowed without warning:
rm -rf node_modules / .next / dist / __pycache__ / .cache / build / .turbo / coverageThe hook reads the command from the tool input JSON, checks it against the
patterns above, and returns permissionDecision: "ask" with a warning message
if a match is found. You can always override the warning and proceed.
To deactivate, end the conversation or start a new one. Hooks are session-scoped.