Cocabadger Saferun Guard
cocabadger-saferun-guard is a Claude Code plugin for the Ship phase that blocks dangerous commands and protects sensitive files before they execute.
by Cocabadger · github.com/Cocabadger/saferun-guard
Add a runtime guard that stops dangerous Claude Code commands and sensitive file access before execution.
Add it to Claude Code
Install the plugin in Claude Code. One command, paste-ready.
/plugin install cocabadger-saferun-guard@Cocabadger/saferun-guardBuilt to be called by your agent
Skillselion is itself an MCP server. Your agent can pull this entry and a paste-ready install config straight from the API - no copy-paste.
Retrieve this entry with skillselion.get_details("plugin:Cocabadger/saferun-guard") and the paste-ready config with skillselion.get_install_config("plugin:Cocabadger/saferun-guard").
What it does
cocabadger-saferun-guard is a Claude Code security plugin that acts as a runtime firewall between what the agent wants to run and what actually executes on your machine. Solo builders and small teams often grant agents shell access for speed, which makes one bad rm, curl pipe to bash, or dotfile scrape catastrophic. This bundle centers on blocking dangerous commands and shielding sensitive paths before execution, using guard and hook vocabulary consistent with saferun-style safety tooling. It is not a full SAST suite or dependency auditor; it is an execution-time gate you register once and rely on whenever Claude proposes terminal or file operations. If you operate repos that touch API keys, customer data, or homelab infrastructure, the value is predictable denial rather than post-hoc cleanup. Pair it with normal code review habits; it reduces accidental self-inflicted damage from autonomous loops.
Highlights
- Runtime safety firewall for Claude Code command execution
- Blocks dangerous commands before they run
- Protects sensitive files from agent-driven access or edits
- Hook-oriented guardrails aligned with saferun and security keywords
- Single focused plugin (1-plugin bundle) for minimal attack surface in your stack
Why builders use it
Autonomous coding agents can run destructive shell commands or touch secret files before you notice the proposal.
After registration, risky commands and sensitive file operations can be stopped at runtime instead of repaired after damage.
At a glance
- Type - Plugin in Security.
- Adoption - 0 installs, 4 stars, 0 votes.
FAQ
Who is cocabadger-saferun-guard for?
It is for Claude Code users who execute agent-suggested commands on real machines and want guardrails before those commands run.
When should I use cocabadger-saferun-guard?
Use it whenever the agent has shell or file tools enabled, especially on repos with credentials, customer data, or irreplaceable local environments.
How do I add cocabadger-saferun-guard to my agent?
Install the Cocabadger/saferun-guard Claude Code plugin from its repository and enable its hooks or guard module per the plugin README so checks run before execution.
Comments
Share how you use cocabadger-saferun-guard, gotchas, or tips for other indie builders.
No comments yet - be the first to share how you use it.