dangerous-action-guard
dangerous-action-guard
Before executing any irreversible or high-impact action, pause and get explicit user confirmation. Log every confirmed and rejected action to an audit trail.
Dangerous action categories
| Category | Examples |
|---|---|
| File destruction | rm -rf, unlink, delete files, empty trash, wipe directories |
| Git destructive | git push --force, git reset --hard, git clean -f, git branch -D |
| External messaging | Send email, post to Slack/Teams/Discord, publish social post, reply-all |
| Financial | Confirm purchase, submit payment, execute trade, cancel subscription |
| Credentials | Rotate/delete API keys, modify OAuth apps, change passwords |
| Infrastructure | Deploy to production, drop database, terminate server instance |
| Permission changes | Share document, change access controls, make resource public |
Confirmation protocol
When about to execute a dangerous action:
More from archieindian/openclaw-superpowers
context-window-management
Prevents context overflow on long-running OpenClaw sessions. Use when approaching context limits.
28heartbeat-governor
Enforces per-skill execution budgets for scheduled cron skills — pauses runaway skills that exceed their token or wall-clock budget before they drain your monthly API allowance.
27using-superpowers
Bootstrap skill — teaches the agent how to find and invoke skills. Use when starting any new task or session.
23long-running-task-management
Breaks multi-hour tasks into checkpointed stages with resume capability. Use when a task is expected to take more than 30 minutes or multiple sessions.
22fact-check-before-trust
Triggers a secondary verification pass for any agent output containing factual claims, numbers, dates, or named entities before the output is acted on
21persistent-memory-hygiene
Keeps OpenClaw's memory store clean, structured, and useful. Use at session end and during periodic maintenance.
20