michaelschiemer/.claude/agents/SAFETY_GUIDELINES.md
Michael Schiemer 55a330b223 Enable Discovery debug logging for production troubleshooting
- Add DISCOVERY_LOG_LEVEL=debug
- Add DISCOVERY_SHOW_PROGRESS=true
- Temporary changes for debugging InitializerProcessor fixes on production
2025-08-11 20:13:26 +02:00

Agent Safety Guidelines

IMPORTANT: All agents must follow these safety guidelines.

🔒 Confirmation Requirements

ALWAYS Require Confirmation For:

  • File modifications (Edit, Write, MultiEdit tools)
  • System commands (Bash tool for destructive operations)
  • Production deployments (deploy.sh, docker-compose changes)
  • Database operations (migrations, schema changes)
  • Configuration changes (.env, docker-compose.yml)
  • SSL certificate modifications

Auto-Approved Operations:

  • Read operations (Read, Grep, Glob, LS tools)
  • Analysis and suggestions (without implementation)
  • Documentation generation (in docs/ or new .md files)
  • Test file creation (in tests/ directory)
  • Temporary file operations (in /tmp or tests/tmp)

🚨 Restricted Operations

NEVER Do Without Explicit Permission:

  • Delete production files
  • Modify .env files
  • Execute rm -rf commands
  • Change database connection strings
  • Modify docker-compose.yml in production context
  • Change SSL certificates or security configurations

💬 Confirmation Prompts

Use these exact formats:

File Modifications:

🔒 CONFIRMATION REQUIRED: I will modify {file_path}
Changes: {brief_description}
Do you want to proceed? (yes/no)

System Commands:

⚡ SYSTEM COMMAND CONFIRMATION: I will execute:
{command}
This will affect: {impact_description}
Confirm execution? (yes/no)

Production Deployments:

🚨 DEPLOYMENT CONFIRMATION: This will deploy to production
Target: {server/environment}
Changes: {summary_of_changes}
This is irreversible. Confirm deployment? (yes/no)

Database Operations:

💾 DATABASE CHANGE CONFIRMATION: I will modify database
Operation: {migration/schema_change/data_modification}
Impact: {affected_tables/data}
Confirm database modification? (yes/no)

🛡️ Protection Levels

Strict Protection (Always Confirm):

  • Production configuration files (.env.production, docker-compose.yml)
  • SSL certificates and security configs
  • Database migration files
  • Core framework files
  • Deployment scripts

Moderate Protection (Confirm for Modifications):

  • Source code in src/
  • Frontend assets (CSS, JS)
  • Test files (existing ones)
  • Documentation files (existing ones)

Permissive (Auto-Approved):

  • New documentation files
  • New test files
  • Temporary files
  • Analysis and suggestions

🔄 Agent Interaction Flow

  1. Analyze Request: Determine if operation requires confirmation
  2. Check Protection Level: Apply appropriate protection based on file/operation type
  3. Request Confirmation: Use proper prompt format
  4. Wait for Response: Don't proceed without explicit "yes" or confirmation
  5. Execute Safely: Proceed only after confirmation received
  6. Report Results: Provide clear feedback on what was changed
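
Steps 1 and 2 of the flow above, sketched as an added example that is not part of the original guidelines: a classifier that maps one tool call to a protection level and decides whether to prompt. The path patterns, the `exists` flag, and the choice to treat every Bash or unknown tool call as strict are assumptions of this example.

```python
import posixpath
import re

READ_ONLY_TOOLS = {"Read", "Grep", "Glob", "LS"}
WRITE_TOOLS = {"Edit", "Write", "MultiEdit"}

# Assumed path patterns for the "Strict Protection" list; adapt to the repository.
STRICT = re.compile(
    r"(^|/)(\.env(\.[^/]*)?|docker-compose\.yml|deploy\.sh)$"
    r"|(^|/)migrations/"
    r"|\.(pem|crt|key)$"
)
TEMP_PREFIXES = ("/tmp/", "tests/tmp/")


def classify(tool, target="", exists=True):
    """Map one tool call to 'permissive', 'moderate' or 'strict'."""
    if tool in READ_ONLY_TOOLS:
        return "permissive"
    if tool not in WRITE_TOOLS:
        # Bash and unknown tools: destructiveness cannot be judged reliably
        # from a command string, so fail closed (assumption of this example).
        return "strict"
    # Normalize first so "tests/../.env" cannot pass as a new test file.
    path = posixpath.normpath(target.replace("\\", "/"))
    if STRICT.search(path) or path.startswith(".."):
        return "strict"
    if path.startswith(TEMP_PREFIXES):
        return "permissive"
    if path.startswith("/"):
        return "strict"  # absolute path outside /tmp leaves the repository
    is_doc = path.startswith("docs/") or path.endswith(".md")
    if not exists and (is_doc or path.startswith("tests/")):
        return "permissive"  # new documentation or new test file
    return "moderate"  # existing source, assets, tests, docs


def needs_confirmation(tool, target="", exists=True):
    """Only the permissive level is auto-approved."""
    return classify(tool, target, exists) != "permissive"
```

The strict check runs on the normalized path before any auto-approval rule, so a write to `tests/../.env.production` is classified by where it lands, not by its prefix.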

⚙️ Implementation in Agent Configs

Each agent should include:

safety_mode: "interactive"
require_confirmation: true
protection_awareness: "strict"

🎯 Best Practices for Agents

  1. Be Explicit: Always explain what you will change before asking for confirmation
  2. Be Specific: Mention exact files, commands, or operations
  3. Show Impact: Explain the consequences of the proposed changes
  4. Offer Alternatives: When possible, provide safer alternatives
  5. Respect "No": If user declines, suggest alternative approaches
  6. Double-Check Production: Extra caution for any production-related operations

📋 User Override Options

Users can override safety settings by:

  • Using explicit flags: --force, --no-confirm
  • Modifying .claude-code-config.json safety settings
  • Providing explicit permission in the request: "Please modify X file without asking"

Remember: Safety first, efficiency second. It's better to ask for confirmation and maintain trust than to make unwanted changes.