What is the HardStop Claude Code skill?

HardStop is a safety layer that monitors AI-generated shell commands, blocking destructive actions and requiring user confirmation for risky operations to prevent system damage.

Does HardStop protect against prompt injection?

Yes, it specifically looks for patterns where an AI might be manipulated into running malicious commands disguised as legitimate system tasks or instructions.

How does HardStop handle package managers?

It monitors package manager operations (apt, dpkg, rpm) for dangerous force flags that could bypass system safety checks and leave the OS in an unstable state.

Which platforms does HardStop support?

The skill provides comprehensive coverage for Unix-based systems (Linux/macOS), Windows environments, and major cloud providers via their respective CLIs.

Can I still run commands that HardStop flags as risky?

Yes. While HardStop blocks 'Instant Block' patterns (like rm -rf /), it allows 'Risky' and 'Dangerous' commands to proceed if the user provides explicit, informed consent.

HardStop Command Safety

Name: HardStop Command Safety
Author: frmoretto

byfrmoretto

•

Security & Testing

Protects your system from dangerous AI-generated shell commands and hallucinations through real-time safety validation.

HardStop provides a critical safety layer for Claude Code by implementing a mandatory pre-execution protocol that prevents the execution of destructive commands. It acts as a mechanical brake for the agentic AI era, identifying high-risk patterns—such as recursive deletions, system-level modifications, and credential exfiltration—before they can cause harm. By categorizing actions into Safe, Risky, and Dangerous tiers, it ensures developers maintain full control over their environment while benefiting from AI automation without the fear of accidental system damage or prompt injection attacks.

Key Features

01Real-time detection and blocking of destructive Unix and Windows commands

02Protection against exfiltration of sensitive files like SSH keys and AWS credentials

03Safety validation for Cloud CLIs (AWS, GCP, kubectl) and package managers (apt, dpkg, rpm)

04Multi-tier risk assessment (SAFE/RISKY/DANGEROUS) with tailored response protocols

05Detection of hidden threats within shell wrappers like xargs, find -exec, and bash -c

066 GitHub stars

Use Cases

01Validating AI-suggested commands from Stack Overflow or external documentation before execution

02Preventing accidental system destruction during complex terminal-based automation

03Securing the development environment against malicious code execution from prompt injections

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add frmoretto/hardstop hardstop

For use in Claude.ai and ChatGPT

Download Skill