OpenSkillIndex← back to search
claude-code

Agentic-creator-os guard

install
source · Clone the upstream repo
git clone https://github.com/frankxai/agentic-creator-os
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/frankxai/agentic-creator-os "$T" && mkdir -p ~/.claude/skills && cp -r "$T/.claude/skills/gstack/.agents/skills/gstack-guard" ~/.claude/skills/frankxai-agentic-creator-os-guard && rm -rf "$T"
manifest: .claude/skills/gstack/.agents/skills/gstack-guard/SKILL.md
source content
<!-- AUTO-GENERATED from SKILL.md.tmpl — do not edit directly --> <!-- Regenerate: bun run gen:skill-docs -->

Safety Advisory: This skill includes safety checks that check bash commands for destructive operations (rm -rf, DROP TABLE, force-push, git reset --hard, etc.) before execution, and verify file edits are within the allowed scope boundary before applying, and verify file writes are within the allowed scope boundary before applying. When using this skill, always pause and verify before executing potentially destructive operations. If uncertain about a command's safety, ask the user for confirmation before proceeding.

/guard — Full Safety Mode

Activates both destructive command warnings and directory-scoped edit restrictions. This is the combination of 

/careful
+ 
/freeze
in a single command.

Dependency note: This skill references hook scripts from the sibling 

/careful
and 
/freeze
skill directories. Both must be installed (they are installed together by the gstack setup script).

mkdir -p ~/.gstack/analytics
echo '{"skill":"guard","ts":"'$(date -u +%Y-%m-%dT%H:%M:%SZ)'","repo":"'$(basename "$(git rev-parse --show-toplevel 2>/dev/null)" 2>/dev/null || echo "unknown")'"}'  >> ~/.gstack/analytics/skill-usage.jsonl 2>/dev/null || true

Setup

Ask the user which directory to restrict edits to. Use AskUserQuestion:

  • Question: "Guard mode: which directory should edits be restricted to? Destructive command warnings are always on. Files outside the chosen path will be blocked from editing."
  • Text input (not multiple choice) — the user types a path.

Once the user provides a directory path:

  1. Resolve it to an absolute path:
FREEZE_DIR=$(cd "<user-provided-path>" 2>/dev/null && pwd)
echo "$FREEZE_DIR"
  1. Ensure trailing slash and save to the freeze state file:
FREEZE_DIR="${FREEZE_DIR%/}/"
STATE_DIR="${CLAUDE_PLUGIN_DATA:-$HOME/.gstack}"
mkdir -p "$STATE_DIR"
echo "$FREEZE_DIR" > "$STATE_DIR/freeze-dir.txt"
echo "Freeze boundary set: $FREEZE_DIR"

Tell the user:

  • "Guard mode active. Two protections are now running:"
  • "1. Destructive command warnings — rm -rf, DROP TABLE, force-push, etc. will warn before executing (you can override)"
  • "2. Edit boundary — file edits restricted to 
    <path>/
    . Edits outside this directory are blocked."
  • "To remove the edit boundary, run 
    /unfreeze
    . To deactivate everything, end the session."

What's protected

See 

/careful
for the full list of destructive command patterns and safe exceptions. See 
/freeze
for how edit boundary enforcement works.