注册

欢迎回来

登录 EAKE AI,继续您的智能之旅

忘记密码?
还没有账号?立即注册

VibeSec 安全审查

VibeSec 安全审查

安全意识检查:部署前安全审查、权限确认、风险识别 安全意识检查:部署前安全审查、权限确认、风险识别 安全意识检查:部署前安全审查、权限确认、风险识别

/careful — Destructive Command Guardrails

Safety mode is now active. Every bash command will be checked for destructive

patterns before running. If a destructive command is detected, you'll be warned

and can choose to proceed or cancel.


mkdir -p ~/.gstack/analytics
echo '{"skill":"careful","ts":"'$(date -u +%Y-%m-%dT%H:%M:%SZ)'","repo":"'$(basename "$(git rev-parse --show-toplevel 2>/dev/null)" 2>/dev/null || echo "unknown")'"}'  >> ~/.gstack/analytics/skill-usage.jsonl 2>/dev/null || true

What's protected

PatternExampleRisk
`rm -rf` / `rm -r` / `rm --recursive``rm -rf /var/data`Recursive delete
`DROP TABLE` / `DROP DATABASE``DROP TABLE users;`Data loss
`TRUNCATE``TRUNCATE orders;`Data loss
`git push --force` / `-f``git push -f origin main`History rewrite
`git reset --hard``git reset --hard HEAD~3`Uncommitted work loss
`git checkout .` / `git restore .``git checkout .`Uncommitted work loss
`kubectl delete``kubectl delete pod`Production impact

Safe exceptions

These patterns are allowed without warning:

  • rm -rf node_modules / .next / dist / __pycache__ / .cache / build / .turbo / coverage

    • 工作原理

    The hook reads the command from the tool input JSON, checks it against the

    patterns above, and returns permissionDecision: "ask" with a warning message

    if a match is found. You can always override the warning and proceed.

    To deactivate, end the conversation or start a new one. Hooks are session-scoped.

    `docker rm -f` / `docker system prune``docker system prune -a`Container/image loss

    安装指南

    复制下方命令,在终端运行即可安装:

    # 安装到当前项目
    npx skills add careful
    # 全局安装 — 所有项目可用
    npx skills add careful -g

    使用指南

    安装完成后,在对话框中直接使用此技能。

    基本信息
    作者 Community 分类 agent 难度 Intermediate 时长 1 hour
    🛠️ 安装命令
    # 安装到当前项目
    npx skills add careful
    # 全局安装
    npx skills add careful -g

    发表评论