nubiv/git-guardrails-claude-code
nix-darwin/config/claude/skills/git-guardrails-claude-code/SKILL.md
Set up Claude Code hooks to block dangerous git commands (push, reset --hard, clean, branch -D, etc.) before they execute. Use when user wants to prevent destructive git operations, add git safety hooks, or block git push/reset in Claude Code.
development
Updated Apr 10, 2026
$ install --global
skillsauthnpx skillsauth add nubiv/my-nome git-guardrails-claude-codeInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 10, 2026, 2:17 AM23.2s2 files scanned
SKILL.md
- name:
- git-guardrails-claude-code
- description:
- Set up Claude Code hooks to block dangerous git commands (push, reset --hard, clean, branch -D, etc.) before they execute. Use when user wants to prevent destructive git operations, add git safety hooks, or block git push/reset in Claude Code.
Setup Git Guardrails
Sets up a PreToolUse hook that intercepts and blocks dangerous git commands before Claude executes them.
What Gets Blocked
git push(all variants including--force)git reset --hardgit clean -f/git clean -fdgit branch -Dgit checkout ./git restore .
When blocked, Claude sees a message telling it that it does not have authority to access these commands.
Steps
1. Ask scope
Ask the user: install for this project only (.claude/settings.json) or all projects (~/.claude/settings.json)?
2. Copy the hook script
The bundled script is at: scripts/block-dangerous-git.sh
Copy it to the target location based on scope:
- Project:
.claude/hooks/block-dangerous-git.sh - Global:
~/.claude/hooks/block-dangerous-git.sh
Make it executable with chmod +x.
3. Add hook to settings
Add to the appropriate settings file:
Project (.claude/settings.json):
{
"hooks": {
"PreToolUse": [
{
"matcher": "Bash",
"hooks": [
{
"type": "command",
"command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/block-dangerous-git.sh"
}
]
}
]
}
}
Global (~/.claude/settings.json):
{
"hooks": {
"PreToolUse": [
{
"matcher": "Bash",
"hooks": [
{
"type": "command",
"command": "~/.claude/hooks/block-dangerous-git.sh"
}
]
}
]
}
}
If the settings file already exists, merge the hook into existing hooks.PreToolUse array — don't overwrite other settings.
4. Ask about customization
Ask if user wants to add or remove any patterns from the blocked list. Edit the copied script accordingly.
5. Verify
Run a quick test:
echo '{"tool_input":{"command":"git push origin main"}}' | <path-to-script>
Should exit with code 2 and print a BLOCKED message to stderr.
Related Skills
nubiv/devlog
development
VerifiedTrustedCommunity
Manage devlogs (session journal entries) under the active repo's `.claude/devlogs/`. Subcommands - `write` creates a new date-stamped entry, `read` loads existing entries into context. Use when the user invokes `/devlog <subcommand>` or asks to write, save, recall, or load today's/recent devlogs.
SKILL.mdUpdated May 23, 2026
nubiv/wiki
development
VerifiedTrustedCommunity
Run MY_WIKI operations (ingest, query, research, lint). Use when the user wants to add sources to the wiki, ask questions against it, research new topics from the web, or audit its quality.
SKILL.mdUpdated Apr 27, 2026
nubiv/obsidian-markdown
testing
VerifiedTrustedCommunity
Create and edit Obsidian Flavored Markdown with wikilinks, embeds, callouts, properties, and other Obsidian-specific syntax. Use when working with .md files in Obsidian, or when the user mentions wikilinks, callouts, frontmatter, tags, embeds, or Obsidian notes.
SKILL.mdUpdated Apr 27, 2026
nubiv/obsidian-cli
tools
VerifiedTrustedCommunity
Interact with Obsidian vaults using the Obsidian CLI to read, create, search, and manage notes, tasks, properties, and more. Also supports plugin and theme development with commands to reload plugins, run JavaScript, capture errors, take screenshots, and inspect the DOM. Use when the user asks to interact with their Obsidian vault, manage notes, search vault content, perform vault operations from the command line, or develop and debug Obsidian plugins and themes.
SKILL.mdUpdated Apr 27, 2026