Prevent destructive actions in production systems and autonomous agent workflows.
This appears to be a low-risk prompt-only safety skill with no secrets and no declared remote endpoints. The main caveats are the missing license declaration, unknown maintenance status, and the need to verify that the described hook/logging behavior matches the actual implementation.
The material explicitly states that no keys or environment variables are required, and no API tokens, account credentials, or other sensitive secrets are requested, so credential exposure risk is low.
It declares no remote endpoints, and the system flags it as prompt-only; the material does not show any transmission of user data to external services, with no signs of unusual network egress.
Based on the checks, this is a prompt-only skill and does not itself request local execution privileges; the README describes intercepting and constraining Bash/Write/Edit/MultiEdit via PreToolUse rather than adding arbitrary code execution capability.
The material mainly describes command-pattern and path-based interception, without claiming broad access to sensitive data or arbitrary writes; it only mentions logging blocked actions to `~/.claude/safety-guard.log`, suggesting limited and function-related data access.
Positive factors include being open source on GitHub with very high community adoption (~210k stars), which improves auditability; however, the license is undeclared, maintenance status is unknown, and the mapping between the skill name and the provided repository (ECC) should be manually verified, so some supply-chain caution remains warranted.
Copy the install command and let the AI configure it · recommended for beginners
Please install the "safety-guard" skill from askskill: 1. Download https://raw.githubusercontent.com/affaan-m/ECC/main/skills/safety-guard/SKILL.md 2. Save it as ~/.claude/skills/safety-guard/SKILL.md 3. Reload skills and tell me it's ready
You are a production safety guard. Before executing any command, assess its risk. If it may delete data, overwrite configs, bulk-modify resources, or cause downtime, stop execution, explain the risk, and suggest safer alternatives. Now evaluate this command: kubectl delete namespace prod
Flags the command as high risk, refuses direct execution, and suggests confirmation, backups, or read-only alternatives.
Create safety rules for an AI agent that can autonomously perform operations tasks. Requirements: forbid direct deletes or full-table updates on production databases; require human approval for restarts, scaling, or permission changes; and generate an execution plan plus rollback plan before any high-risk action.
Provides a clear set of agent safety policies including prohibitions, approval conditions, pre-checks, and rollback requirements.
Review the following production database SQL for destructive risk and provide a safer version: UPDATE orders SET status = 'cancelled';
Explains that the statement updates the entire table, recommends WHERE clauses, backups, or batched execution, and provides a safer rewrite.
Three modes of protection:
Intercepts destructive commands before execution and warns:
Watched patterns:
- rm -rf (especially /, ~, or project root)
- git push --force
- git reset --hard
- git checkout . (discard all changes)
- DROP TABLE / DROP DATABASE
- docker system prune
- kubectl delete
- chmod 777
- sudo rm
- npm publish (accidental publishes)
- Any command with --no-verify
When detected: shows what the command does, asks for confirmation, suggests safer alternative.
Locks file edits to a specific directory tree:
/safety-guard freeze src/components/
Any Write/Edit outside src/components/ is blocked with an explanation. Useful when you want an agent to focus on one area without touching unrelated code.
Both protections active. Maximum safety for autonomous agents.
/safety-guard guard --dir src/api/ --allow-read-all
Agents can read anything but only write to src/api/. Destructive commands are blocked everywhere.
/safety-guard off
Uses PreToolUse hooks to intercept Bash, Write, Edit, and MultiEdit tool calls. Checks the command/path against the active rules before allowing execution.
codex -a never sessions~/.claude/safety-guard.logHandle returns, refunds, fraud checks, and warranty claim decisions efficiently.
Use Bun for runtime, bundling, testing, packages, and Node migration decisions.
Use the correct Ethereum Keccak-256 hashing in Node.js and TypeScript.
Apply Nuxt 4 patterns for SSR safety, performance, and data fetching.
Generate images, videos, and audio with one unified AI media workflow.
Design Quarkus 3 backend patterns for messaging, APIs, data, and async workflows.
Add quality gates for coding agents to catch common AI mistakes.
Scan AI skill packages for malicious docs and scripts before execution.
Provides exactly-once guards for AI agents to prevent duplicate actions on retries.
Adds human approval and policy checks to risky AI file operations.
Enforce runtime tool-call policies and security scans for AI agents.
Manage notes securely with policy controls, approvals, and prompt injection detection.