Skill

vibeflow-careful

Warns before destructive commands like rm -rf, DROP TABLE, force-push. Activates when user requests careful mode or safety mode. Useful for prod or shared environments.

Bash

security

npx claudepluginhub ttttstc/vibeflow --plugin vibeflow

Popularity

Stars

Forks

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/vibeflow:vibeflow-careful

User invocable

Model invocable

Inline context

Default effort

Tool Access

This skill is limited to the following tools:

BashRead

Hooks

PreToolUse

Matcher: Bash

Hooks:

commandbash ${CLAUDE_SKILL_DIR}/bin/check-careful.sh

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

Safety mode is now **active**. Every bash command will be checked for destructive

Supporting Files

bin/check-careful.sh

SKILL.md

72 lines · ~646 tokens

Similar Skills

guard

100

Blocks destructive Bash commands like rm -rf, DROP TABLE, git force-push, reset --hard, and restricts file edits to a specific directory. Use for protection on critical systems.

2 tools

ultraship

safe-mode

2.1k

Prevents destructive operations in Claude Code sessions via hooks. Cautious mode warns on Bash risks like rm -rf, git force-push; lockdown restricts edits to one directory; clear disables. Invoke with /safe-mode.

pro-workflow

safety-guard

186.8k

Blocks destructive commands like rm -rf, git --force-push, kubectl delete; restricts edits to specified directories for production systems or autonomous agents.

ecc

Stats

LanguagePython

Stars10

Forks6

MaintenanceExcellent

Last CommitApr 13, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Stats

Actions

Help us improve

Share bugs, ideas, or general feedback.

/vibeflow-careful — Destructive Command Guardrails

Safety mode is now active. Every bash command will be checked for destructive patterns before running. If a destructive command is detected, you'll be warned and can choose to proceed or cancel.

Note: This skill requires hook script support. Ensure the hook script bin/check-careful.sh is executable and properly installed.

What's protected

Pattern

Example

Risk

rm -rf / rm -r / rm --recursive

rm -rf /var/data

Recursive delete

DROP TABLE / DROP DATABASE

DROP TABLE users;

Data loss

TRUNCATE

TRUNCATE orders;

Data loss

git push --force / -f

git push -f origin main

History rewrite

git reset --hard

git reset --hard HEAD~3

Uncommitted work loss

git checkout . / git restore .

git checkout .

Uncommitted work loss

kubectl delete

kubectl delete pod

Production impact

docker rm -f / docker system prune

docker system prune -a

Container/image loss

Safe exceptions

These patterns are allowed without warning:

rm -rf node_modules / .next / dist / __pycache__ / .cache / build / .turbo / coverage

How it works

The hook reads the command from the tool input JSON, checks it against the patterns above, and returns permissionDecision: "ask" with a warning message if a match is found. You can always override the warning and proceed.

To deactivate, end the conversation or start a new one. Hooks are session-scoped.

Activation

To activate this skill, run:

Skill: vibeflow-careful

集成

调用者： 用户在 review 阶段或其他需要安全护栏的场景主动调用 依赖： bin/check-careful.sh hook 脚本存在且可执行 状态： 默认关闭，需要用户显式激活 链接到： vibeflow-guard（组合模式）/ vibeflow-unfreeze（解除）