OpenSkillIndex← back to search
claude-code

Skills git-guardrails-claude-code

Set up Claude Code hooks to block dangerous git commands (push, reset --hard, clean, branch -D, etc.) before they execute. Use when user wants to prevent destructive git operations, add git safety hooks, or block git push/reset in Claude Code.

install
source · Clone the upstream repo
git clone https://github.com/mattpocock/skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/mattpocock/skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/git-guardrails-claude-code" ~/.claude/skills/mattpocock-skills-git-guardrails-claude-code && rm -rf "$T"
manifest: git-guardrails-claude-code/SKILL.md
source content

Setup Git Guardrails

Sets up a PreToolUse hook that intercepts and blocks dangerous git commands before Claude executes them.

What Gets Blocked

  • git push
    (all variants including 
    --force
    )
  • git reset --hard
  • git clean -f
    / 
    git clean -fd
  • git branch -D
  • git checkout .
    / 
    git restore .

When blocked, Claude sees a message telling it that it does not have authority to access these commands.

Steps

1. Ask scope

Ask the user: install for this project only (

.claude/settings.json
) or all projects (
~/.claude/settings.json
)?

2. Copy the hook script

The bundled script is at: scripts/block-dangerous-git.sh

Copy it to the target location based on scope:

  • Project: 
    .claude/hooks/block-dangerous-git.sh
  • Global: 
    ~/.claude/hooks/block-dangerous-git.sh

Make it executable with 

chmod +x
.

3. Add hook to settings

Add to the appropriate settings file:

Project (

.claude/settings.json
):

{
  "hooks": {
    "PreToolUse": [
      {
        "matcher": "Bash",
        "hooks": [
          {
            "type": "command",
            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/block-dangerous-git.sh"
          }
        ]
      }
    ]
  }
}

Global (

~/.claude/settings.json
):

{
  "hooks": {
    "PreToolUse": [
      {
        "matcher": "Bash",
        "hooks": [
          {
            "type": "command",
            "command": "~/.claude/hooks/block-dangerous-git.sh"
          }
        ]
      }
    ]
  }
}

If the settings file already exists, merge the hook into existing 

hooks.PreToolUse
array — don't overwrite other settings.

4. Ask about customization

Ask if user wants to add or remove any patterns from the blocked list. Edit the copied script accordingly.

5. Verify

Run a quick test:

echo '{"tool_input":{"command":"git push origin main"}}' | <path-to-script>

Should exit with code 2 and print a BLOCKED message to stderr.