HardStop
v1.4.8ACTIVATE THIS SKILL FOR ANY SHELL COMMAND OR FILE READ. Check curl, wget, rm, sudo, apt, dpkg, chmod, dd, format, powershell, bash, sh. Check pipe patterns l...
⭐ 0· 539·1 current·1 all-time
byFrancesco Marinoni Moretto@frmoretto
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill describes runtime behavior that depends on a locally installed plugin (python ~/.claude/plugins/hs/commands/hs_cmd.py, ~/.hardstop/skip_next, hooks that block commands). However the published skill is instruction-only (no install spec, no code files, no required binaries). Either the skill assumes an out-of-band installation of the plugin or the bundle is incomplete; both are plausible but the lack of alignment is incoherent.
Instruction Scope
The SKILL.md instructs the agent to inspect and act on arbitrary shell commands, to run local python scripts, to check and modify files under the user home (e.g., ~/.hardstop/skip_next, ~/.claude/plugins/hs/...), and to block reads of credential files. Those file/command operations go beyond simple read-only guidance and require local artifacts and hooks that are not provided. If the referenced scripts/hooks are absent, the instructions will fail or behave unpredictably.
Install Mechanism
No install spec or code files are included, yet the document repeatedly references an installed plugin (and a GitHub repo). The skill therefore lacks the mechanism it says is necessary to implement its runtime behavior. This is a mismatch: either the skill should include an installer or explicitly state that it only augments an independently installed plugin.
Credentials
The skill requests no environment variables or credentials (proportionate), and explicitly instructs blocking reads of .env, .ssh, .aws, etc. However, the instructions still require filesystem access (home-folder paths and plugin paths). That access is not declared in the metadata and could be surprising to users if the agent attempts to read or write those paths.
Persistence & Privilege
The skill metadata does not request permanent presence (always:false). The SKILL.md states the external plugin installs persistent hooks that block commands; because those hooks are external to this bundle, the skill itself does not request additional privileges — but the narrative implies persistent system-level behavior if the external plugin is installed. This ambiguous split of responsibilities is worth clarifying.
What to consider before installing
This skill's instructions assume a locally installed Hardstop plugin and local scripts at paths like ~/.claude/plugins/hs/commands/hs_cmd.py and ~/.hardstop/skip_next, but the skill package provides neither an installer nor code. Before installing or enabling this skill: (1) Verify whether you already have the referenced Hardstop plugin installed; inspect the exact paths and confirm the python scripts exist and are from a trusted source (check the GitHub repo mentioned in SKILL.md). (2) If you do not have the plugin, do not enable the skill expecting it to enforce command blocking — either obtain and review the plugin installer code or ask the skill author for an install spec. (3) Be cautious about allowing the agent to run commands that modify files in your home directory or to execute /hs skip behavior; test in a sandbox or VM first. (4) If you proceed, ensure the plugin code is audited (or comes from a verified release) and consider restricting autonomous agent invocation until you confirm the hook behavior. If you want, I can (a) fetch and summarize the referenced GitHub repo for you, or (b) list specific checks to verify the local scripts before enabling the skill.Like a lobster shell, security has layers — review code before you run it.
latestvk97dqvq55m3w5h6400mt2fbmtd825n6a
License
MIT-0
Free to use, modify, and redistribute. No attribution required.