Is it possible to rate limit AI tool usage?

Yes, the skill includes patterns for tracking tool call frequency and returning a deny response once a specific call threshold is reached within a session.

How does the Agent Governance skill secure my files?

It uses PreToolUse hooks to intercept file-reading tools and checks requested paths against a blocklist of sensitive patterns like .env or .key files before execution.

Can I use these hooks with subagents?

Yes, governance hooks work globally for both the main agent and any subagents spawned via the Task tool, ensuring consistent security across all layers.

Can I block specific Bash commands?

Yes, you can implement regex-based validation hooks to prevent dangerous operations like 'rm -rf' or unauthorized sudo commands from being executed by the agent.

Does this skill support audit logging?

Absolutely. It provides patterns for PostToolUse hooks to record every action an agent takes, including inputs and outputs, to a persistent log for later review.

Agent Governance & Security

Name: Agent Governance & Security
Author: melodic-software

bymelodic-software

•

セキュリティとテスト

Implements security hooks and permission controls to govern AI agent behavior and protect sensitive data.

The Agent Governance skill provides a robust framework for managing the security and operational boundaries of custom Claude agents. By utilizing PreToolUse and PostToolUse hooks, developers can intercept tool calls to block unauthorized file access, prevent dangerous CLI commands, and maintain detailed audit trails. This skill is essential for production-grade agent deployments where security compliance, rate limiting, and behavioral oversight are critical requirements for maintaining system integrity.

主な機能

01Hook-based permission management via PreToolUse and PostToolUse

02Comprehensive audit logging for tool execution and session history

03Dangerous command validation for Bash and terminal-based tools

041 GitHub stars

05Sensitive file access blocking for credentials and configuration files

06Customizable rate limiting and output content filtering

ユースケース

01Securing enterprise agents by preventing access to secrets, .env files, and private keys.

02Implementing regulatory audit trails for compliance in automated coding workflows.

03Creating safe execution sandboxes for agents performing CLI-based system operations.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add melodic-software/claude-code-plugins agent-governance

For use in Claude.ai and ChatGPT

Download Skill