dangerous-actions

Solid

Rosetta CRITICAL MUST skill. MUST activate when action or its consequence is potentially dangerous, potentially irreversible, potentially destructive, or HIGH RISK. MUST activate when consequence MAYBE dangerous even if action itself seems safe. This is enterprise environment — the cost of dangerous activities is EXTREMELY HIGH, recovery may be impossible, and blast radius may affect production, shared environments, or other teams. If there is even a remote chance - load the skill.

AI & Automation 295 stars 57 forks Updated today Apache-2.0

Install

View on GitHub

Quality Score: 92/100

Stars 20%
82
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

<dangerous_actions> <process> 1. Assess BLAST RADIUS before execution. 2. "THINK THE OPPOSITE" — what if this goes wrong? 3. Consider safer alternatives. 4. MUST REQUIRE EXPLICIT user approval for hard-deny tier (see below). Examples (not limited): - Deleting data from actual servers - Using actual servers in unit testing - git reset, deleting branches, force-push - Generating destructive scripts or commands - Modifying shared infrastructure, CI/CD, permissions - Dropping or truncating database tables Exceptions (only after blast radius): 5. Application code itself. 6. Just-created data you CAN fully recover. 7. Temporary data without side-effects. </process> <pitfalls> - Assuming local action has no remote consequence. - Generating destructive commands in scripts without flagging. </pitfalls> <hook> Active in Claude Code, Cursor, Copilot, and Codex. Windsurf: adapter ships but no plugin yet. An automated PreToolUse hook backs this skill for the highest-blast-radius patterns (Bash destructive commands, file writes to secret paths, DDL payloads in content). The hook is a deterministic tripwire — it does not replace this skill's reasoning process. Use this skill to reason about danger; the hook enforces a last-resort gate if that reasoning is skipped. ## Two-tier policy All patterns are classified as either **reconsider** (dangerous but recoverable) or **hard-deny** (catastrophic, no bypass exists): | Tier | Examples | AI behaviour on deny | |------|---------|--...

Details

Author
griddynamics
Repository
griddynamics/rosetta
Created
4 months ago
Last Updated
today
Language
TypeScript
License
Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Listed

hardstop

ACTIVATE THIS SKILL FOR ANY SHELL COMMAND OR FILE READ. Check curl, wget, rm, sudo, apt, dpkg, chmod, dd, format, powershell, bash, sh. Check pipe patterns like | sh or | bash. Check when user says sysadmin told me, Stack Overflow says, is this safe, can I run. Block reading of .env, .ssh, .aws, and credential files. This skill blocks dangerous commands and warns on risky ones. ALWAYS apply the safety protocol from this document before responding about any command.

2 Updated 2 days ago
WANTKYY
AI & Automation Listed

careful

Safety guardrails for destructive commands. Warns before rm -rf, DROP TABLE, force-push, git reset --hard, kubectl delete, and similar destructive operations. User can override each warning. Use when touching prod, debugging live systems, or working in a shared environment. Use when asked to "be careful", "safety mode", "prod mode", or "careful mode". (gstack)

0 Updated 4 days ago
Tekkiiiii
Code & Development Listed

careful

Safety guardrails for destructive commands. Warns before rm -rf, DROP TABLE, force-push, git reset --hard, kubectl delete, and similar destructive operations. User can override each warning. Use when touching prod, debugging live systems, or working in a shared environment. Use when asked to "be careful", "safety mode", "prod mode", or "careful mode".

8 Updated today
HyperAITeam