Stats
Actions
Tags
How this skill is triggered — by the user, by Claude, or both
Slash command
/claude-gatekeeper:helpThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
PCRE2 regex-based permission gatekeeper for Claude Code tool calls. Deny always wins.
PCRE2 regex-based permission gatekeeper for Claude Code tool calls. Deny always wins.
| Category | Pattern | Reason |
|---|---|---|
| Destructive git | git reset --hard, git clean -f, git push --force, git commit --amend, git branch -D | Prevents irreversible git operations |
| Push to main/master | git push origin main or implicit push while on main/master | Protects default branches |
| Recursive delete | rm -r, rm -rf | Prevents accidental data loss |
| sed/awk | sed, awk | Forces the Edit tool for traceability |
| Destructive SQL | DROP, TRUNCATE, DELETE FROM | Prevents data loss |
| Credential files | .env, .envrc, *key.json, id_rsa, .pem, credentials | Blocks secret file access |
Git, GitHub CLI, Docker, Python toolchain, Go toolchain, pnpm, build systems, JavaScript/TypeScript tools, shell utilities, infrastructure tools, OpenSSL, timeout wrapper, Read, Edit, Write, Glob, Grep, Agent, WebFetch, WebSearch.
Edit ~/.claude/gatekeeper.toml for global rules. Add .claude/gatekeeper.toml in any project for per-project overrides. Deny always wins across all layers.
Uncomment the npm deny rule in ~/.claude/gatekeeper.toml if you want to enforce pnpm.
Add --debug to the hook command in hooks/hooks.json to see rule evaluation on stderr (visible via Ctrl+R in Claude Code).
npx claudepluginhub jim80net/claude-plugins --plugin claude-gatekeeperGenerates PermissionRequest hooks that auto-approve safe operations, auto-deny dangerous ones, and tailor rules to detected project stack. Safer alternative to --dangerouslySkipPermissions for manual permission mode.
Configure allow/deny/ask permission rules in .claude/settings.json for Claude Code tools like Bash(git:*), Write, Edit. Builds layered policies with glob patterns for git commands.
Guides creation of markdown-based Hookify rules to block dangerous bash commands, warn on risky file edits, and enforce behavioral guardrails in Claude Code.