Create and manage AST ban rules to block specific code syntax patterns.
Copy the install command and let the AI configure it · recommended for beginners
Please install the "manage-bans" skill from askskill: 1. Download https://raw.githubusercontent.com/microsoft/vscode-team-kit/main/ban-ast/skills/manage-bans/SKILL.md 2. Save it as ~/.claude/skills/manage-bans/SKILL.md 3. Reload skills and tell me it's ready
Create an AST ban rule to block the use of eval() in JavaScript, and provide the rule name, match pattern, and a short explanation.
A ban rule definition that blocks eval(), including the rule name, AST pattern, and purpose.
Add a tree-sitter lint rule for a TypeScript project that forbids direct use of the any type. Output the rule approach, matched nodes, and violation message.
A tree-sitter lint rule plan explaining how to detect any types and warn developers when matched.
Add a set of AST ban patterns to prevent bare except clauses, hardcoded passwords, and print debugging statements in Python edits, and explain each reason.
A set of ban pattern configurations covering bare except, hardcoded passwords, and debug prints, with reasons for each.
Ban rules are discovered from two sources, both checked by the preToolUse hook:
$HOME/.BANNED_AST.md — global rules that apply to all edits, regardless of project.BANNED_AST.md files in any parent directory of the edited file — can contain multiple rules, scoped to that subtree.$HOME/.BANNED_AST.md)Place a BANNED_AST.md in your home directory to define rules that apply globally to every edit. It uses the same multi-rule format as directory-scoped files:
---
name: no-eval
message: "Do not use eval(). It poses a security risk and should be replaced with safer alternatives."
---
(call_expression
function: (identifier) @fn
(#eq? @fn "eval"))
~/.BANNED_AST.md.--- frontmatter containing name and message, followed by --- and the Tree Sitter query.BANNED_AST.md Files (Directory-Scoped)Place a BANNED_AST.md file in any directory to ban patterns for all files at or below that directory. The hook walks up from each edited file's directory to the filesystem root, collecting rules from every BANNED_AST.md it finds.
A single BANNED_AST.md can contain multiple rules, each separated by its own frontmatter block:
---
name: no-eval
message: "Do not use eval(). It poses a security risk."
---
(call_expression
function: (identifier) @fn
(#eq? @fn "eval"))
---
name: no-console-log
message: "Avoid console.log() in production code."
---
(call_expression
function: (member_expression
object: (identifier) @obj
property: (property_identifier) @prop)
(#eq? @obj "console")
(#eq? @prop "log"))
Each rule section starts with --- frontmatter containing name and message, followed by ---, then the Tree Sitter query body. The next --- begins the next rule.
~/.BANNED_AST.md — personal global bans that apply everywhere regardless of file location.BANNED_AST.md — scoped bans for subtrees (e.g. ban any in src/ but allow it in tests/).When both sources define a rule with the same name, the BANNED_AST.md closer to the edited file takes precedence.
<name> justification: ...).The body contains a Tree Sitter query that matches the banned AST nodes. These use S-expression syntax with optional predicates like #eq? and #match?.
~/.BANNED_AST.md)---
name: no-eval
message: "Do not use eval(). It poses a security risk. Use Function constructor or a sandboxed interpreter instead."
---
(call_expression
function: (identifier) @fn
(#eq? @fn "eval"))
BANNED_AST.mdPlace this in a project directory to ban multiple patterns for all files below it:
---
name: no-console-log
message: "Avoid console.log() in production code. Use a structured logging framework instead."
---
(call_expression
function: (member_expression
object: (identifier) @obj
property: (property_identifier) @prop)
(#eq? @obj "console")
(#eq? @prop "log"))
---
name: no-any-type
message: "Do not use the 'any' type. Use 'unknown' or a concrete type instead."
---
(predefined_type) @type
(#eq? @type "any")
…
Let AI agents read and write memory with environment-aware storage fallback.
Gather independent multi-model plans and debates for implementation and architecture decisions.
Get high-signal second opinions on plans, designs, and implementations early.
Analyze VS Code rolling build health and identify breaking commit ranges.
Quickly set up Component Explorer with Vite and AI agent integration.
Add emoji reactions to GitHub issues or pull requests quickly.
Perform ClawHub moderation actions like bans, role changes, and status checks.
Get context-aware coding rules, development guidance, and AI-curated advice.
Generate and edit images with natural language, storyboards, icons, and video-to-image.
Search high-quality AI art prompts by tag or keyword with direct links.
Manage subscription status for GitHub notification threads and reduce noise.
Inspect and configure WAF protection for a Power Pages production site.