Globales Ranking · von 601 Skills
destructive-command-guard AI Agent Skill
Quellcode ansehen: oakoss/agent-skills
CriticalInstallation
npx skills add oakoss/agent-skills --skill destructive-command-guard 34
Installationen
Destructive Command Guard
A high-performance Claude Code hook that intercepts and blocks destructive commands before they execute. Written in Rust with SIMD-accelerated filtering via the memchr crate and Aho-Corasick multi-pattern matching for sub-millisecond latency. Assumes agents are well-intentioned but fallible.
Overview
DCG uses a whitelist-first architecture: safe patterns are checked before destructive patterns, and unrecognized commands are allowed by default (fail-safe). This ensures legitimate workflows are never broken while known dangerous patterns are always blocked. DCG runs as a PreToolUse hook in Claude Code, receiving JSON on stdin for each Bash tool invocation and returning exit code 0 (allow) or 2 (block). It only inspects direct Bash tool invocations, not contents of shell scripts.
The processing pipeline has four stages: JSON parsing, command normalization (strips absolute paths like /usr/bin/git), SIMD quick-reject filter (skips regex for commands without git or rm), and pattern matching. The memchr crate provides hardware-accelerated substring search (SSE2/AVX2 on x86_64, NEON on ARM), while Aho-Corasick handles multi-pattern matching in O(n) time regardless of pattern count.
DCG supports 49+ modular security packs organized by category (git, filesystem, databases, containers, Kubernetes, cloud providers, infrastructure tools). Core packs (core.git, core.filesystem) are always enabled; additional packs are configured via ~/.config/dcg/config.toml or the DCG_PACKS environment variable. The dcg scan subcommand can also audit files for destructive command contexts, suitable for CI integration.
DCG is not published on crates.io; it is installed from GitHub via cargo +nightly install or prebuilt binaries for Linux, macOS, and Windows WSL. The threat model assumes agents are well-intentioned but fallible; DCG catches honest mistakes, not adversarial attacks.
Quick Reference
| Category | Blocked Commands |
|---|---|
| Uncommitted work | git reset --hard, git checkout -- <file>, git restore <file>, git clean -f |
| Remote history | git push --force / -f, git branch -D |
| Stashed work | git stash drop, git stash clear |
| Filesystem | rm -rf (outside /tmp, /var/tmp, $TMPDIR) |
| Category | Allowed Commands |
|---|---|
| Safe git | git status, git log, git diff, git add, git commit, git push, git pull, git fetch, git branch -d, git stash, git stash pop |
| Safe patterns | git checkout -b, git restore --staged, git clean -n, git push --force-with-lease |
| Temp dirs | rm -rf /tmp/*, rm -rf $TMPDIR/* |
| Setting | Value |
|---|---|
| Exit code (safe) | 0 |
| Exit code (blocked) | 2 |
| Default behavior | Allow (fail-safe) |
| Pattern priority | Safe checked first, then destructive |
| Safe patterns | 34 |
| Destructive patterns | 16 |
| Pack Category | Examples |
|---|---|
| Core (default) | core.git, core.filesystem |
| Database | database.postgresql, database.mysql, database.mongodb |
| Containers | containers.docker, containers.compose, containers.podman |
| Kubernetes | kubernetes.kubectl, kubernetes.helm, kubernetes.kustomize |
| Cloud | cloud.aws, cloud.gcp, cloud.azure |
| Infrastructure | infrastructure.terraform, infrastructure.ansible |
| System | system.disk, system.permissions, system.services |
| Other | strict_git, package_managers |
| Environment Variable | Purpose |
|---|---|
DCG_PACKS |
Enable packs (comma-separated) |
DCG_DISABLE |
Disable specific packs |
DCG_VERBOSE |
Verbose output |
DCG_BYPASS |
Bypass DCG entirely (escape hatch) |
DCG_COLOR |
Color mode (auto, always, never) |
| Installation Method | Command |
|---|---|
| Quick install | curl -fsSL ".../install.sh" | bash -s -- --easy-mode |
| From source | cargo +nightly install --git https://github.com/Dicklesworthstone/destructive_command_guard destructive_command_guard |
| Prebuilt binaries | Linux x86_64, Linux ARM64, macOS Intel, macOS Apple Silicon, Windows WSL |
| Processing Stage | Description |
|---|---|
| JSON parsing | Reads PreToolUse hook input, allows non-Bash tools |
| Normalization | Strips absolute paths (/usr/bin/git becomes git) |
| SIMD quick-reject | memchr substring search skips regex for irrelevant commands |
| Pattern matching | Safe patterns first, then destructive, default allow |
Common Mistakes
| Mistake | Correct Pattern |
|---|---|
| Forgetting to restart Claude Code after adding the hook | Always restart Claude Code after modifying ~/.claude/settings.json |
Using DCG_BYPASS=1 permanently in shell profile |
Only set bypass temporarily for a single command, then remove it |
| Assuming DCG inspects commands inside scripts | DCG only inspects direct Bash tool invocations, not contents of ./deploy.sh |
Blocking git branch -d (lowercase) thinking it is destructive |
Lowercase -d is safe (merge-checked); only uppercase -D force-deletes |
| Not enabling database or cloud packs for production environments | Configure relevant packs in ~/.config/dcg/config.toml for your stack |
| Expecting DCG to stop malicious actors | DCG catches honest mistakes; determined users can always bypass the hook |
Running cargo install without nightly toolchain |
DCG requires Rust nightly (edition 2024); use cargo +nightly install |
Delegation
- Audit which destructive commands an agent session has attempted: Use
Exploreagent - Set up DCG with custom packs for a new project environment: Use
Taskagent - Plan a layered safety architecture combining DCG with other guardrails: Use
Planagent
References
Installationen
Sicherheitsprüfung
Quellcode ansehen
oakoss/agent-skills
Mehr aus dieser Quelle
EU-Hosted Inference API Power your AI Agents with
the best open-source models.
Drop-in OpenAI-compatible API. No data leaves Europe.
Explore Inference APIGLM
GLM 5
$1.00 / $3.20
per M tokens
Kimi
Kimi K2.5
$0.60 / $2.80
per M tokens
MiniMax
MiniMax M2.5
$0.30 / $1.20
per M tokens
Qwen
Qwen3.5 122B
$0.40 / $3.00
per M tokens
So verwenden Sie diesen Skill
Install destructive-command-guard by running npx skills add oakoss/agent-skills --skill destructive-command-guard in your project directory. Führen Sie den obigen Installationsbefehl in Ihrem Projektverzeichnis aus. Die Skill-Datei wird von GitHub heruntergeladen und in Ihrem Projekt platziert.
Keine Konfiguration erforderlich. Ihr KI-Agent (Claude Code, Cursor, Windsurf usw.) erkennt installierte Skills automatisch und nutzt sie als Kontext bei der Code-Generierung.
Der Skill verbessert das Verständnis Ihres Agenten für destructive-command-guard, und hilft ihm, etablierte Muster zu befolgen, häufige Fehler zu vermeiden und produktionsreifen Code zu erzeugen.
Was Sie erhalten
Skills sind Klartext-Anweisungsdateien — kein ausführbarer Code. Sie kodieren Expertenwissen über Frameworks, Sprachen oder Tools, das Ihr KI-Agent liest, um seine Ausgabe zu verbessern. Das bedeutet null Laufzeit-Overhead, keine Abhängigkeitskonflikte und volle Transparenz: Sie können jede Anweisung vor der Installation lesen und prüfen.
Kompatibilität
Dieser Skill funktioniert mit jedem KI-Coding-Agenten, der das skills.sh-Format unterstützt, einschließlich Claude Code (Anthropic), Cursor, Windsurf, Cline, Aider und anderen Tools, die projektbezogene Kontextdateien lesen. Skills sind auf Transportebene framework-agnostisch — der Inhalt bestimmt, für welche Sprache oder welches Framework er gilt.
Made in Europe Chat with 100+ AI Models in one App.
Use Claude, ChatGPT, Gemini alongside with EU-Hosted Models like Deepseek, GLM-5, Kimi K2.5 and many more.
