Hook a Permission Layer onto Dangerous Tools
0/4 steps0%

Step 1 of 4

Define the danger rule set

Enumerate what must never run silently - concretely.

First time here? Paste the Context Pack first so the AI understands your project - open it from the header above.

Prompt Capsule
Write the danger rules as data. COMMAND PATTERNS (normalized before matching: resolve quoting, collapse whitespace): recursive deletion (rm -rf and equivalents on any path), git destructive ops (force-push, hard reset on shared branches, clean -fdx), bulk data ops (DROP/TRUNCATE, mass UPDATE without WHERE), package/system mutations (global installs, chmod -R 777, curl piped to shell). PROTECTED PATHS for writes and deletes: .env* and secret/key files, .git internals, paths outside the workspace root, CI and infra configs (approval, not block). Assign each rule a verdict (approval vs block) and a reason string. Store as a versioned config file. Review the list against my actual toolset and add tool-specific rules where needed.
Paste into EmergentFull Build: complete implementation prompt with explicit requirements

Quick is short. Full Build is recommended for most steps. Strict forces real logic when the AI keeps faking output.

Actual change check

Expected after this step

A versioned danger-rule config with verdicts and reasons.

Should NOT happen

  • An existing feature broke
  • A button only logs to console
  • Data disappears after refresh
  • Errors fail silently with no visible state

This is what should exist before you continue. If reality does not match, do not move on.

Track what changed, failed, or needs follow-up. Notes export with the flow.

Made with Emergent