HardStop
PassAudited by ClawScan on May 1, 2026.
Overview
HardStop is a coherent safety-check skill, but users should know it uses broad command/file-read guardrails and references a separate local plugin that is not included in this artifact.
Before installing, understand that this is a conservative command-safety instruction layer. It may block or slow normal shell and file-read tasks, and its stronger hook-based behavior depends on a separate Hardstop plugin that is not included in the reviewed artifact.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The assistant may refuse, delay, or ask for confirmation before commands or sensitive file reads.
The skill intentionally changes how the agent handles a broad class of commands and file reads. This is disclosed and aligned with its safety purpose, but it can pause or block normal workflows.
ACTIVATE THIS SKILL FOR ANY SHELL COMMAND OR FILE READ... ALWAYS apply the safety protocol... BEFORE executing ANY shell command, ALWAYS run this checklist
Use this skill if you want conservative safety checks, and expect extra confirmation steps for risky commands.
Commands such as /hs skip, /hs on, /hs off, /hs status, or /hs log depend on separately installed local code.
The skill references local helper scripts from a separate plugin, but the provided registry artifact contains no code files or install spec for that plugin. This is disclosed, but the helper code is outside the reviewed artifact.
python ~/.claude/plugins/hs/commands/hs_cmd.py skip [n] ... The hs_cmd.py commands referenced above are part of the installed plugin
Review and install the Hardstop plugin only from a trusted source before relying on those helper commands or hook behavior.
A user-approved skip can override the safety block for the next command or commands.
The skill includes a documented bypass workflow for blocked commands. It requires user approval and is described as scoped, but it can still allow a dangerous command to run if the user approves.
IF USER SAYS YES: - Run the `/hs skip` command first - Then retry the original blocked command
Only use /hs skip after independently understanding the command and preferring it over safer alternatives.
If the external plugin is installed, command-blocking behavior may persist across sessions and be affected by skip state.
The document describes persistent hook behavior and a local skip-state file if the separate plugin is installed. This is disclosed and purpose-aligned, not hidden background behavior in the provided artifact.
The plugin installs hooks that provide deterministic command blocking... The hook reads `~/.hardstop/skip_next`
Check the plugin status and understand how on/off and skip settings affect future commands.