safety-guard

Safety Guard — Prevent Destructive Operations

When to Use

  • When working on production systems
  • When agents are running autonomously (full-auto mode)
  • When you want to restrict edits to a specific directory
  • During sensitive operations (migrations, deploys, data changes)

How It Works

Three modes of protection:

Mode 1: Careful Mode

Intercepts destructive commands before execution and warns:
Watched patterns:
- rm -rf (especially /, ~, or project root)
- git push --force
- git reset --hard
- git checkout . (discard all changes)
- DROP TABLE / DROP DATABASE
- docker system prune
- kubectl delete
- chmod 777
- sudo rm
- npm publish (accidental publishes)
- Any command with --no-verify
When detected: shows what the command does, asks for confirmation, suggests safer alternative.

Mode 2: Freeze Mode

Locks file edits to a specific directory tree:
/safety-guard freeze src/components/
Any Write/Edit outside src/components/ is blocked with an explanation. Useful when you want an agent to focus on one area without touching unrelated code.

Mode 3: Guard Mode (Careful + Freeze combined)

Both protections active. Maximum safety for autonomous agents.
/safety-guard guard --dir src/api/ --allow-read-all
Agents can read anything but only write to src/api/. Destructive commands are blocked everywhere.

Unlock

/safety-guard off

Implementation

Uses PreToolUse hooks to intercept Bash, Write, Edit, and MultiEdit tool calls. Checks the command/path against the active rules before allowing execution.
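A sketch of the rule check such a hook could run, added here as an example and not taken from the safety-guard project itself. It assumes the hook receives a JSON event with tool_name and tool_input (command for Bash, file_path for Write/Edit/MultiEdit) and blocks by exiting with status 2; the SAFETY_GUARD_DIR variable is hypothetical, and only a subset of the watched patterns is covered.

```python
import json
import os
import re
import sys

# Best-effort regexes for a subset of the Careful Mode watched patterns.
WATCHED = [
    (re.compile(r"\brm\s+(?:\S+\s+)*?-\w*(?:rf|fr)\w*\b"), "rm -rf"),
    (re.compile(r"\bgit\s+push\b.*--force(?![\w-])"), "git push --force"),
    (re.compile(r"\bgit\s+reset\b.*--hard\b"), "git reset --hard"),
    (re.compile(r"\bDROP\s+(?:TABLE|DATABASE)\b", re.I), "DROP TABLE / DROP DATABASE"),
    (re.compile(r"\bchmod\s+(?:-\w+\s+)*777\b"), "chmod 777"),
    (re.compile(r"--no-verify\b"), "--no-verify"),
]

def inside(path, root):
    """True if path resolves to a location under root (symlinks and .. resolved)."""
    real, root = os.path.realpath(path), os.path.realpath(root)
    try:
        return os.path.commonpath([real, root]) == root
    except ValueError:  # e.g. different drives on Windows
        return False

def check(tool_name, tool_input, freeze_dir=None, careful=True):
    """Return (allowed, reason) for one intercepted tool call."""
    if careful and tool_name == "Bash":
        command = tool_input.get("command", "")
        for pattern, label in WATCHED:
            if pattern.search(command):
                return False, f"watched pattern: {label}"
    if freeze_dir and tool_name in ("Write", "Edit", "MultiEdit"):
        path = tool_input.get("file_path", "")
        if not path or not inside(path, freeze_dir):
            return False, f"{path!r} is outside {freeze_dir}"
    return True, ""

if __name__ == "__main__":
    # Assumed wiring: JSON event on stdin, exit status 2 blocks the call.
    # SAFETY_GUARD_DIR is a hypothetical way to pass the frozen directory.
    event = json.load(sys.stdin)
    allowed, reason = check(event.get("tool_name", ""), event.get("tool_input", {}),
                            freeze_dir=os.environ.get("SAFETY_GUARD_DIR"))
    if not allowed:
        print(f"safety-guard blocked: {reason}", file=sys.stderr)
        sys.exit(2)
```

Resolving both paths before comparing them is what keeps src/components/../api/ and a sibling such as src/components-old/ from passing the freeze check, which a plain string-prefix test would allow.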

Integration

  • Enable by default for codex -a never sessions
  • Pair with observability risk scoring in ECC 2.0
  • Logs all blocked actions to ~/.claude/safety-guard.log