garrytan/careful
careful/SKILL.md
Safety guardrails for destructive commands. Warns before rm -rf, DROP TABLE, force-push, git reset --hard, kubectl delete, and similar destructive operations. User can override each warning. Use when touching prod, debugging live systems, or working in a shared environment. Use when asked to "be careful", "safety mode", "prod mode", or "careful mode". (gstack)
$ install --global
skillsauthnpx skillsauth add garrytan/gstack carefulInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 4, 2026, 11:35 PM9.3s3 files scanned
SKILL.md
- name:
- careful
- version:
- 0.1.0
- description:
- |
- - matcher:
- Bash
- - type:
- command
- command:
- bash ${CLAUDE_SKILL_DIR}/bin/check-careful.sh
- statusMessage:
- Checking for destructive commands...
<!-- AUTO-GENERATED from SKILL.md.tmpl — do not edit directly -->
<!-- Regenerate: bun run gen:skill-docs -->
/careful — Destructive Command Guardrails
Safety mode is now active. Every bash command will be checked for destructive patterns before running. If a destructive command is detected, you'll be warned and can choose to proceed or cancel.
mkdir -p ~/.gstack/analytics
echo '{"skill":"careful","ts":"'$(date -u +%Y-%m-%dT%H:%M:%SZ)'","repo":"'$(basename "$(git rev-parse --show-toplevel 2>/dev/null)" 2>/dev/null || echo "unknown")'"}' >> ~/.gstack/analytics/skill-usage.jsonl 2>/dev/null || true
What's protected
| Pattern | Example | Risk |
|---------|---------|------|
| rm -rf / rm -r / rm --recursive | rm -rf /var/data | Recursive delete |
| DROP TABLE / DROP DATABASE | DROP TABLE users; | Data loss |
| TRUNCATE | TRUNCATE orders; | Data loss |
| git push --force / -f | git push -f origin main | History rewrite |
| git reset --hard | git reset --hard HEAD~3 | Uncommitted work loss |
| git checkout . / git restore . | git checkout . | Uncommitted work loss |
| kubectl delete | kubectl delete pod | Production impact |
| docker rm -f / docker system prune | docker system prune -a | Container/image loss |
Safe exceptions
These patterns are allowed without warning:
rm -rf node_modules/.next/dist/__pycache__/.cache/build/.turbo/coverage
How it works
The hook reads the command from the tool input JSON, checks it against the
patterns above, and returns permissionDecision: "ask" with a warning message
if a match is found. You can always override the warning and proceed.
To deactivate, end the conversation or start a new one. Hooks are session-scoped.
Related Skills
garrytan/pair-agent
development
VerifiedTrustedCommunity
Pair a remote AI agent with your browser. One command generates a setup key and prints instructions the other agent can follow to connect. Works with OpenClaw, Hermes, Codex, Cursor, or any agent that can make HTTP requests. The remote agent gets its own tab with scoped access (read+write by default, admin on request). Use when asked to "pair agent", "connect agent", "share browser", "remote browser", "let another agent use my browser", or "give browser access". (gstack) Voice triggers (speech-to-text aliases): "pair agent", "connect agent", "share my browser", "remote browser access".
71,662SKILL.mdUpdated Apr 14, 2026
garrytan/gstack-openclaw-retro
development
VerifiedTrustedCommunity
Weekly engineering retrospective. Analyzes commit history, work patterns, and code quality metrics with persistent history and trend tracking. Team-aware with per-person contributions, praise, and growth areas. Use when asked for weekly retro, what shipped this week, or engineering retrospective.
71,662SKILL.mdUpdated Apr 14, 2026
garrytan/openclaw/skills/gstack-openclaw-office-hours
development
VerifiedTrustedCommunity
--- name: gstack-openclaw-office-hours description: Product interrogation with six forcing questions. Two modes: startup diagnostic (demand reality, status quo, desperate specificity, narrowest wedge, observation, future-fit) and builder brainstorm. Use when asked to brainstorm, "is this worth building", "I have an idea", "office hours", or "help me think through this". Proactively use when user describes a new product idea or wants to think through design decisions before any code is written. v
71,662SKILL.mdUpdated Apr 14, 2026
garrytan/openclaw/skills/gstack-openclaw-investigate
development
VerifiedTrustedCommunity
--- name: gstack-openclaw-investigate description: Systematic debugging with root cause investigation. Four phases: investigate, analyze, hypothesize, implement. Iron Law: no fixes without root cause. Use when asked to debug, fix a bug, investigate an error, or root cause analysis. Proactively use when user reports errors, stack traces, unexpected behavior, or says something stopped working. version: 1.0.0 metadata: { "openclaw": { "emoji": "🔍" } } --- # Systematic Debugging ## Iron Law **NO
71,662SKILL.mdUpdated Apr 14, 2026