← Back to Skills Marketplace

Rm Safety

Name: Rm Safety
Author: caesaryp

by CaesarYP · GitHub ↗ · v1.2.2 · MIT-0

cross-platform ✓ Security Clean

159

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install rm-safety

Description

Intercepts risky rm commands to assess impact, confirm user intent, and suggest safer alternatives before execution to prevent accidental data loss.

Usage Guidance

This skill appears coherent and limited to local safety checks before deletes, but consider the following before installing: - The skill must run inside the agent's execution context to intercept 'rm' calls — it cannot retroactively stop deletes you run directly in a shell outside the agent. - Impact assessments use find/ls/realpath on the given path; for very large directories these checks can be slow or resource-heavy. - Confirm the backup behavior (it writes to /tmp by default) meets your needs; /tmp is ephemeral and not intended as long-term backup. - The package metadata references a GitHub repo/ClawHub page while registry source/homepage fields are empty — if you want a higher assurance, review the upstream repository (README links are provided) before enabling the skill. - Remember the agent will still execute the original rm command if you explicitly confirm; the skill is a guard not an automatic quarantine.

Capability Analysis

Type: OpenClaw Skill Name: rm-safety Version: 1.2.2 The rm-safety skill is a security-focused utility designed to prevent accidental data loss by intercepting destructive commands like 'rm', 'unlink', and 'shred'. It implements defensive coding practices such as path quoting and the use of the '--' separator to prevent option injection, and it explicitly instructs the agent to refuse system-critical deletions (e.g., 'rm -rf /'). No evidence of data exfiltration, malicious execution, or prompt injection was found in SKILL.md or README.md.

Capability Assessment

✓ Purpose & Capability

Name/description match the SKILL.md: the skill only asks the agent to detect RM-like commands, assess the target (ls, find, realpath, test), prompt the user, and optionally run backups or alternative commands. No unrelated credentials, binaries, or network access are requested. Minor note: README mentions a GitHub repo and ClawHub install path while registry metadata lists 'Source: unknown' and no homepage — this is a small metadata inconsistency but does not change functionality.

✓ Instruction Scope

Runtime instructions are narrowly scoped to local filesystem checks (ls, find, realpath, test -e), confirmation prompts, and optional local backup/move operations. The instructions explicitly emphasize quoting, using '--', and refusing destructive global patterns (e.g., 'rm -rf /'). They do not instruct reading unrelated files or sending data externally. One operational caveat: counting files with find on very large directories can be slow or resource-intensive, which is expected behavior for an impact assessment but worth noting.

✓ Install Mechanism

Instruction-only skill with no install spec or code to fetch — lowest install risk. README suggests optional cloning or npx clawhub install, but the skill package itself contains no install script or remote downloads.

✓ Credentials

The skill requires no environment variables, credentials, or access to unrelated config paths. All commands operate on paths provided by the user/agent and local filesystem state. The backup target (/tmp) and workspace checks are proportional to the task.

✓ Persistence & Privilege

always is false and the skill does not request elevated or persistent system-wide privileges. It does not modify other skills or system configs. Autonomous invocation (disable-model-invocation: false) is normal for skills; here there is no additional concerning privilege.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install rm-safety
After installation, invoke the skill by name or use /rm-safety
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.2.2

Version bump to 1.2.2: Unified metadata version, bilingual EN/ZH documentation, MIT-0 license, security hardened with path injection prevention | 版本更新至 1.2.2：统一元数据版本，中英双语文档，MIT-0 许可证，安全加固（路径注入防护）

v1.2.1

Updated metadata: bilingual EN/ZH, MIT-0 license, security hardened with path injection prevention, GitHub release ready | 更新元数据：中英双语，MIT-0 许可证，安全加固（路径注入防护），GitHub 发布就绪

v1.2.0

Added security hardening: path quoting, -- option separator, existence checks, and clearer activation rules to prevent command injection | 添加安全加固：路径引用、-- 选项分隔符、存在性检查和更清晰的激活规则，防止命令注入

v1.1.0

Added bilingual EN/ZH support for international users | 添加中英文双语支持，面向国际用户

v1.0.0

- Initial release of rm-safety skill for high-risk command protection. - Intercepts and requires user confirmation before executing dangerous file deletion commands (e.g., rm, unlink, shred). - Provides detailed impact assessment and safer alternatives when such commands are detected. - Does not trigger for recoverable delete actions (trash, mv to trash). - Includes exception handling and clear instructions for user responses.

Metadata

Slug rm-safety

Version 1.2.2

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 5

Frequently Asked Questions

What is Rm Safety?

Intercepts risky rm commands to assess impact, confirm user intent, and suggest safer alternatives before execution to prevent accidental data loss. It is an AI Agent Skill for Claude Code / OpenClaw, with 159 downloads so far.

How do I install Rm Safety?

Run "/install rm-safety" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Rm Safety free?

Yes, Rm Safety is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Rm Safety support?

Rm Safety is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Rm Safety?

It is built and maintained by CaesarYP (@caesaryp); the current version is v1.2.2.

More Skills