ReddRadar
Agent skill
forge-security
Enforces security guardrails for Claude Code. Blocks access to secrets, credentials, and sensitive files. Requires confirmation for network requests and infrastructure changes. Use when accessing files, making network requests, or running infrastructure commands.
Install this agent skill to your Project
npx add-skill https://github.com/majiayu000/claude-skill-registry/tree/main/skills/development/forge-security
SKILL.md
Security Guardrails
Blocked Operations (NEVER do these)
The following are blocked without exception:
- Reading or writing
.envfiles - Accessing files matching:
*secret*,*credential*,*password*,.aws/*,.ssh/*,*token* - Running destructive IaC commands without explicit user request
See reference/blocked-patterns.md for complete list.
Ask First (require user confirmation)
These operations require explicit user approval:
- Network requests (WebFetch)
- Git push, merge, rebase operations
- Infrastructure commands: terraform plan/apply, kubectl apply, ansible-playbook
See reference/ask-patterns.md for complete list.
When Uncertain
If unsure whether an operation is safe:
- Stop and explain what you're about to do
- List what files/systems will be affected
- Wait for explicit user confirmation
Never assume permission. When in doubt, ask.
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
majiayu000/claude-skill-registry
agent-ops-spec
Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.
majiayu000/claude-skill-registry
agent-ops-state
Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.
majiayu000/claude-skill-registry
agent-ops-spec
Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.
majiayu000/claude-skill-registry
agent-ops-testing
Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.
majiayu000/claude-skill-registry
agent-ops-testing
Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.
majiayu000/claude-skill-registry
agent-ops-state
Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.
Didn't find tool you were looking for?