Can I allow a specific high-risk command to run once?

Certain patterns can be configured with an 'ask: true' flag, which prompts the user for manual confirmation instead of blocking the command outright.

Does this plugin require any additional software?

Yes, this plugin requires 'uv' (a fast Python package runner) to be installed on your system to manage its execution environment.

What happens if the AI tries to access a protected file?

The tool call is automatically intercepted and blocked, and the AI receives a notification that the requested action is prohibited by the security system.

How does Damage Control stop dangerous commands?

It utilizes PreToolUse hooks to intercept and scan bash commands against a predefined list of dangerous regex patterns before they are allowed to execute.

Can I customize which files are protected?

Yes, users can easily define their own zero-access, read-only, and no-delete paths within the patterns.yaml configuration file.

Damage Control Security

Name: Damage Control Security
Author: ThrownLemon

byThrownLemon

•

Seguridad y Pruebas

Secures your development environment by intercepting and blocking destructive terminal commands and protecting sensitive files from accidental exposure.

Damage Control is a defense-in-depth security plugin for Claude Code that acts as a robust safety barrier between the AI and your local file system. By utilizing PreToolUse hooks, it proactively monitors outgoing tool calls to prevent catastrophic actions like recursive file deletion, forced git pushes, or unauthorized access to private credentials and SSH keys. This skill is essential for developers who want to grant Claude more autonomy while maintaining strict guardrails over their system integrity, private data, and cloud resources.

Características Principales

01Configures specific system and project files as read-only to prevent unauthorized edits

02Intercepts and blocks dangerous bash commands like 'rm -rf' and 'git push --force'

03Provides interactive confirmation prompts for high-risk operations via 'ask' patterns

041 GitHub stars

05Offers fully customizable protection patterns through a simple YAML configuration file

06Enforces zero-access policies for sensitive directories including ~/.ssh and .env files

Casos de Uso

01Preventing accidental deletion of critical project files or build outputs during AI refactoring

02Hardening the local developer environment against unintended AI behavior or prompt injections

03Restricting the AI's ability to read or modify sensitive environment secrets and private keys

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add thrownlemon/claude-code-plugins damage-control

For use in Claude.ai and ChatGPT

Download Skill