18_pre_action_guard_skill

This skill validates high-stakes actions before execution, preventing data loss by ensuring safety rules align with the current plan.
  • PowerShell

20

GitHub Stars

2

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill sounder25/google-antigravity-skills-library --skill 18_pre_action_guard

  • SKILL.md2.5 KB
  • VERIFICATION_REPORT.md637 B

Overview

This skill implements a Pre-Action Guard that validates potentially destructive or irreversible actions before execution. It enforces a "measure twice, cut once" policy to prevent accidental data loss or system corruption by blocking or flagging high-risk operations.

How this skill works

The guard inspects the declared action (e.g., write_to_file, rm) and its target, evaluates them against a set of safety checks and contextual plan information, and returns a structured assessment with allowed, risk_level, reason, and warnings. It auto-blocks clear dangerous patterns (root deletions), raises sensitivity for config/env targets, and detects mixed command/output snippets to enforce command-only discipline.

When to use it

  • Before any file write to an existing file
  • Before running commands that include rm, del, drop, format
  • When an agent proposes changes to config or environment files (.env, config)
  • When plan context is available and actions must be aligned with intent
  • Prior to bulk or recursive operations affecting many files or directories

Best practices

  • Always provide explicit --Action and --Target parameters; return an error if missing
  • Supply the current --Plan when available to enable alignment checks
  • Treat CRITICAL results as blockers: stop and ask for explicit user confirmation
  • Keep runnable commands isolated in clean blocks without terminal output
  • Favor safe defaults (deny on ambiguity) and surface clear remediation steps in reason/warnings

Example use cases

  • Agent wants to delete a directory: guard inspects target and blocks root or wildcard patterns
  • Agent plans to overwrite a config file: guard flags HIGH risk and requires confirmation
  • Automated deploy step proposes removing files: guard detects mixed output in snippet and rejects
  • CI job attempts recursive delete: guard returns CRITICAL for patterns like /* or C:\
  • Scripted migration writes new temporary files: guard marks as LOW or NONE depending on target

FAQ

The agent must stop and prompt the user for explicit confirmation before proceeding; do not execute the action automatically.

How does the guard treat config or .env targets?

Targets containing config or .env keywords are treated with elevated sensitivity and typically rank as HIGH risk unless additional context reduces risk.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational