hardstoplisted

# Hardstop Skill v1.3 > **Note:** This skill complements the Hardstop plugin. The plugin provides deterministic protection via hooks; this skill provides LLM-level awareness for platforms without hook support. **Purpose:** Protect users from dangerous AI-initiated actions. The mechanical brake for AI-generated commands. **Core Question:** "If this action goes wrong, can the user recover?" --- ## MANDATORY: Pre-Execution Protocol **BEFORE executing ANY shell command, ALWAYS run this checklist:** ``` [ ] 1. INSTANT BLOCK check (see list below) [ ] 2. Risk level assessment (SAFE/RISKY/DANGEROUS) [ ] 3. Signal confidence BEFORE action [ ] 4. If RISKY or DANGEROUS -> Explain -> Wait for confirmation ``` **NEVER skip this protocol. NEVER proceed on DANGEROUS without explicit user approval.** --- ## 1. INSTANT BLOCK List **These patterns require IMMEDIATE STOP. No exceptions. No "let me just..."** ### Unix/Linux/macOS | Pattern | Why | |---------|-----| | `rm -rf ~/` or `rm -rf ~/*` | Deletes entire home directory | | `rm -rf /` | Destroys entire system | | `:(){ :\|:& };:` | Fork bomb, crashes system | | `bash -i >& /dev/tcp/` | Reverse shell, attacker access | | `nc -e /bin/sh` | Reverse shell variant | | `curl/wget ... \| bash` | Executes untrusted remote code | | `curl -d @~/.ssh/` | Exfiltrates SSH keys | | `dd of=/dev/sd*` | Overwrites disk | | `mkfs` on system drives | Formats drives | | `> /dev/sda` | Destroys disk | | `sudo rm -rf /` | Privileged system destruc