hs
ACTIVATE THIS SKILL FOR ANY SHELL COMMAND OR FILE READ. Check curl, wget, rm, sudo, apt, dpkg, chmod, dd, format, powershell, bash, sh. Check pipe patterns like | sh or | bash. Check shell wrappers like bash -c, xargs, find -exec. Check cloud CLI (aws, gcloud, kubectl, terraform). Check when user says sysadmin told me, Stack Overflow says, is this safe, can I run. Block reading of .env, .ssh, .aws, and credential files. This skill blocks dangerous commands and warns on risky ones. ALWAYS apply the safety protocol from this document before responding about any command.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/frmoretto/hsHardstop Skill v1.5
INVOCATION INSTRUCTIONS (read first when skill is activated)
When this skill is activated via the Skill tool, check the ARGUMENTS field immediately:
| Argument | Action (user-requested via /hs) |
|---|---|
skip [n] | python ~/.claude/plugins/hs/commands/hs_cmd.py skip [n] |
on / enable | python ~/.claude/plugins/hs/commands/hs_cmd.py on |
off / disable | python ~/.claude/plugins/hs/commands/hs_cmd.py off |
status | python ~/.claude/plugins/hs/commands/hs_cmd.py status |
log | python ~/.claude/plugins/hs/commands/hs_cmd.py log |
| (none) | Apply the safety protocol below to evaluate the pending command |
Run the corresponding command — the user has explicitly requested this action via /hs. The hook reads ~/.hardstop/skip_next; if that file is not written, skips have no effect.
Security Architecture: This skill is the instruction layer for the Hardstop plugin. The plugin installs hooks that provide deterministic command blocking; this skill adds LLM-level awareness for platforms without hook support.
- The
hs_cmd.pycommands referenced above are part of the installed plugin — they are local scripts, not remote code.- Credential paths (
~/.ssh,~/.aws,.env, etc.) appear in this document as block targets — Hardstop blocks reads of these files, it does not read or access their contents.- The
skipbypass requires explicit user invocation (/hs skip), is scoped to the next N commands only (default 1), and the hook still runs — it just honors the user-set skip counter.
Purpose: Protect users from dangerous AI-initiated actions. The mechanical brake for AI-generated commands.
Core Question: "If this action goes wrong, can the user recover?"
MANDATORY: Pre-Execution Protocol
BEFORE executing ANY shell command, ALWAYS run this checklist:
[ ] 1. INSTANT BLOCK check (see list below)
[ ] 2. Risk level assessment (SAFE/RISKY/DANGEROUS)
[ ] 3. Signal confidence BEFORE action
[ ] 4. If RISKY or DANGEROUS -> Explain -> Wait for confirmation
NEVER skip this protocol. NEVER proceed on DANGEROUS without explicit user approval.
WHEN COMMANDS ARE BLOCKED
If you see a "🛑 BLOCKED" message from the Hardstop hook:
- STOP - Do not proceed with the command
- EXPLAIN - Tell the user why it was blocked (the reason is in the message)
- ASK - "This command was blocked for safety. Would you like me to bypass the check with /hs skip and retry?"
- IF USER SAYS YES:
- Run the
/hs skipcommand first - Then retry the original blocked command
- Run the
- IF USER SAYS NO:
- Suggest a safer alternative approach
- Or ask what they were trying to accomplish
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-frmoretto-hs": {
"enabled": true,
"auto_update": true
}
}
}