How does this skill prevent catastrophic data loss?

The skill identifies high-risk patterns such as root directory destruction or broad infrastructure deletion and automatically refuses them regardless of user confirmation.

Can this skill protect my API keys and secrets?

Yes, the 'Secret Safety' policy explicitly prevents the AI from emitting secret values, keys, or raw authentication headers in its responses or command payloads.

Does it restrict the AI to my current project directory?

Yes, the skill enforces a workspace-only scope, resolving real paths to ensure that the AI cannot mutate files or escape via symlinks outside of your project root.

What is the difference between Class 2 and Class 3 actions?

Class 2 covers local destructive actions like mass file deletions, while Class 3 covers remote risks such as cloud API mutations, remote execution, and untrusted package flows.

CLI Safety Guardrails

Name: CLI Safety Guardrails
Author: AndrewRober

byAndrewRober

0•

安全与测试

Enforces strict safety policies and approval workflows for CLI operations to prevent destructive actions and credential leakage.

The CLI Safety Guardrails skill acts as a security middleware for AI-driven terminal interactions, ensuring that high-risk operations require explicit human authorization. By classifying actions into risk levels—ranging from read-only (Class 0) to catastrophic (Class X)—it automatically blocks system-level destruction and mandates safer alternatives like dry-runs for local file mutations. This skill is essential for developers using AI to manage cloud infrastructure, local file systems, or sensitive environments, providing a robust layer of protection against unintended commands and secret exposure.

主要功能

010 GitHub stars

02Automatic refusal of catastrophic system-level operations

03Workspace-root enforcement to prevent unauthorized directory escapes

04Risk-based action classification from Class 0 to Class X

05Secret leakage prevention for API keys and authentication headers

06Mandatory approval workflows for destructive and cloud-based commands

使用场景

01Protecting sensitive environment variables and credentials from being leaked in terminal outputs

02Preventing accidental mass file deletions or recursive cleanups during automated coding sessions

03Securing cloud infrastructure by requiring read-only pre-checks before any mutation commands

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add andrewrober/codexcli-guardrails guard-users-chatgpt

For use in Claude.ai and ChatGPT

Download Skill