file-guard
PreToolUse protection blocking sensitive file access across 195+ patterns in 12 categories with bash pipeline analysis and multi-tool ignore support.
Best use case
file-guard is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
PreToolUse protection blocking sensitive file access across 195+ patterns in 12 categories with bash pipeline analysis and multi-tool ignore support.
Teams using file-guard should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/file-guard/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How file-guard Compares
| Feature / Agent | file-guard | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
PreToolUse protection blocking sensitive file access across 195+ patterns in 12 categories with bash pipeline analysis and multi-tool ignore support.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# File Guard ## Overview Real-time file access protection system that blocks sensitive file reads, writes, and indirect access attempts. Covers 195+ file patterns across 12 security categories. ## 12 Categories ### 1. Secrets `.env`, `.env.*`, `.secret`, `secrets.*`, `vault.*` ### 2. Credentials `credentials.*`, `password.*`, `auth.json`, `oauth.*` ### 3. SSH Keys `id_rsa`, `id_ed25519`, `*.pem`, `authorized_keys`, `known_hosts` ### 4. Certificates `*.crt`, `*.cert`, `*.ca-bundle`, `ssl/*`, `tls/*` ### 5. Environment Files `.env.local`, `.env.production`, `.env.staging`, `docker.env` ### 6. Auth Tokens `token.*`, `jwt.*`, `session.*`, `cookie.*` ### 7. Database Configs `database.yml`, `db.json`, `*.sqlite`, `*.db`, `pgpass` ### 8. Cloud Configs `.aws/*`, `.gcp/*`, `.azure/*`, `terraform.tfvars` ### 9. CI/CD Secrets `.github/secrets`, `.gitlab-ci.yml` variables, Jenkins credentials ### 10. Private Keys `*.key`, `*.p12`, `*.pfx`, `*.keystore`, `*.jks` ### 11. API Keys `api_key.*`, `apikey.*`, `api-credentials.*` ### 12. Sensitive Configs `config/secrets/*`, `.htpasswd`, `shadow`, `gshadow` ## Bash Pipeline Analysis Detects indirect file access through bash pipes: - `cat .env | grep` -- blocked - `base64 .ssh/id_rsa | curl` -- blocked - Nested command substitution with sensitive paths -- blocked ## Multi-Tool Ignore Support Approved exceptions can be configured per session for files that need legitimate access. ## When to Use - Always active during ClaudeKit sessions (PreToolUse hook) - Integrated into safety pipeline initialization ## Processes Used By - `claudekit-orchestrator` (pipeline setup) - `claudekit-safety-pipeline` (file guard initialization)
Related Skills
performance-profiler
Profile application performance including CPU, memory, and flame graph generation
nsight-profiler
Expert skill for NVIDIA Nsight Systems and Nsight Compute profiling tools. Configure profiling sessions, analyze kernel reports, interpret occupancy metrics, roofline model data, memory bandwidth bottlenecks, and warp execution efficiency.
unity-profiler
Unity Profiler skill for performance analysis, frame debugging, memory profiling, and optimization workflows.
power-profiler
Power consumption measurement and analysis expertise for embedded systems. Integrates with power analyzer tools to measure, profile, and optimize power consumption in battery-powered and energy-efficient designs.
metaphlan-profiler
MetaPhlAn metagenomic profiling skill for species-level community composition
humann-functional-profiler
HUMAnN functional profiling skill for metagenomic pathway analysis
startup-time-profiler
Profile and optimize application startup time for desktop applications
file-watcher-setup
Set up cross-platform file system watching with debouncing and efficient change detection
file-dialog-abstraction
Cross-platform file dialog implementation for open, save, and directory selection
electron-memory-profiler
Profile Electron app memory usage, detect leaks, analyze renderer process memory, and optimize memory consumption
data-quality-profiler
Profiles data assets to assess quality dimensions, detect anomalies, and generate comprehensive data quality reports with actionable recommendations.
code-profiler
Profile code performance and identify bottlenecks