← Back to plugins

guard

Hook by TracineHQ

PreToolUse hooks for Claude Code that deny dangerous shell, git, and credential commands before they run: `rm -rf /` shapes, `git push --force`, `python -c` / `node -e` eval, pipe-to-shell, live credentials (`gh auth token`, `aws sts get-session-token`, `op read`), `git -c core.hooksPath=…` injection, silent commit reuse (`git commit -C HEAD~1`, `--reuse-message`). Each deny names the rule and prints a one-line override (`guard allowlist allow-command …`); decisions stream to a JSONL log the optional CLI reads (`pipx install tracine-guard`, then `guard noisy --since 24h` or `guard trace <session>`). Apache-2.0, no third-party deps. Defense in depth alongside Claude Code's own permissions — especially valuable for autonomous agent windows where no human is present to answer an ASK, so denies act as a hard floor. Not a sandbox or exfiltration boundary; see SECURITY.md.

/plugin install guard@claude-community