Guard — Safety Guardrails
Guard protects you from accidental destructive actions by intercepting dangerous commands before they execute. It uses Claude Code's PreToolUse hooks to catch risky patterns in real-time.
Announce at start: "I'm activating Guard — destructive commands will be blocked until you explicitly approve them."
What Guard Blocks
Destructive Bash Commands
rm -rf/rm -ron important directoriesDROP TABLE/DROP DATABASE/TRUNCATEgit push --force/git push -f(to main/master)git reset --hardgit checkout ./git restore .(discard all changes)git clean -f/git clean -fdgit branch -D(force delete branch)kubectl delete(Kubernetes resource deletion)docker system prune/docker volume rm:> file/> file(truncate files)
File Edit Restrictions (Optional)
When the user specifies a directory to freeze to, Guard blocks edits outside that directory:
User: "Only edit files in src/api/"
→ Guard blocks Edit/Write calls to any path not under src/api/
How It Works
Guard installs PreToolUse hooks that run BEFORE Claude executes Bash, Edit, or Write tools:
- Bash hook — Scans the command string for destructive patterns. If matched, outputs a warning and blocks execution.
- Edit/Write hook — If a freeze directory is set, checks that the target file is within the allowed path.
The hooks are defined in this skill's configuration and activate when the skill is loaded.
Usage
Activate full protection
Just invoke /guard — destructive command blocking is immediate.
Set a directory freeze
Tell Claude which directory to restrict edits to:
"Only edit files in packages/api/"
"Freeze edits to src/components/"
Guard will write the freeze path to .ultraship/guard-freeze.txt and enforce it on all Edit/Write operations.
Remove freeze
"Unfreeze" or "Remove edit restrictions"
Override a blocked command
If Guard blocks something you actually need to run, explicitly confirm:
"Yes, I want to force-push to main"
"Confirmed: drop the users table"
Guard will allow explicitly confirmed destructive actions.
Integration with Other Skills
/investigate— Guard pairs well with investigation. No accidental fixes while diagnosing./deploy— Guard prevents accidental force-pushes during deployment./rescue— During incidents, Guard ensures rollback commands are deliberate.
Key Principles
- Block by default, allow on confirmation. Better to stop and ask than to destroy.
- No silent failures. Always explain what was blocked and why.
- The user is sovereign. Explicit confirmation overrides any guard.
- Minimal friction for safe operations. Guard only triggers on genuinely dangerous patterns.