checkpoint-guardian

Automatic risk assessment before every critical action in agentic workflows. Detects irreversible operations (file deletion, database writes, deployments, payments), classifies risk level, and requires confirmation before proceeding. Triggers on destructive keywords like deploy, delete, send, publish, update database, process payment.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "checkpoint-guardian" with this command: npx skills add fatih-developer/fth-skills/fatih-developer-fth-skills-checkpoint-guardian

Checkpoint Guardian Protocol

Stop before every critical action, assess the risk level, and require confirmation when needed. Goal: catch irreversible mistakes before they happen.

Workflow

1. Detect critical action in the current step
2. Classify risk level (LOW / MEDIUM / HIGH)
3. Apply checkpoint behavior based on level
4. Log the checkpoint decision
5. Show audit trail at end of task

Risk Levels

LOW RISK — Pass Silently

Reversible, limited side effects, common operations:

  • Reading files, listing directories
  • Creating new files (without overwriting)
  • Read-only API calls (GET)
  • Writing to console/logs
  • Creating temporary files

Behavior: No checkpoint shown. Log the action silently for audit trail.

MEDIUM RISK — Brief Confirmation

Reversible but requiring attention:

  • Overwriting an existing file (backup possible)
  • Inserting new database records (not update/delete)
  • POST request to external service (read-purpose)
  • Deploying to test/staging environment

Behavior: Show a brief checkpoint and ask for confirmation before proceeding.

Use templates/checkpoint-medium.md.tmpl for the output format.

HIGH RISK — Full Confirmation Required

Irreversible or wide-impact operations:

  • Deleting files or directories
  • Updating or deleting database records
  • Payment or money transfer
  • Deploying to production
  • Bulk operations (50+ records, multiple services)
  • Operations involving credentials or secrets

Behavior: Stop completely. Show detailed checkpoint with impact assessment, reversibility status, and safer alternatives. Do not proceed without explicit "yes" or "proceed" from the user.

Use templates/checkpoint-high.md.tmpl for the output format.

Risk Classification

See references/RISK_MATRIX.md for the complete risk classification table and escalation rules.

Escalation Rules

Any of these conditions bumps risk one level up:

  • Bulk operation: 50+ records or files
  • Production environment: tagged prod, production, live
  • No rollback path: no backup, no soft-delete
  • Sensitive data: PII, payment info, credentials
  • Chain reaction: this step triggers other critical steps

After Checkpoint Resolution

User approves:

  1. Execute the action
  2. Report result briefly: Completed: [what was done]

User rejects:

  1. Do not execute the action
  2. Suggest alternatives: safer path, partial operation, dry-run
  3. Wait for the user to set a new direction

Audit Trail

Log every checkpoint decision throughout the task:

[CHECKPOINT LOG]
Step     : [step number or sequence]
Action   : [summary]
Risk     : LOW / MEDIUM / HIGH
Decision : Passed silently / Approved / Rejected

At the end of every task, show the complete checkpoint log summary to the user. This is mandatory — never skip the audit trail.

Guardrails

  • Never skip HIGH RISK checkpoints — no exceptions, even if the user previously said "approve all."
  • When in doubt, escalate — if risk level is ambiguous, choose the higher level.
  • Always suggest alternatives for HIGH RISK actions — give the user a safer path.
  • Audit trail is mandatory — even LOW RISK actions must be logged silently.
  • Respect explicit user intent — if the user clearly states "I know the risks, proceed," honor it for that specific action only (not blanket approval).
  • This skill applies to every agent action — it is not opt-in per step.

Examples

See references/EXAMPLES.md for worked examples across all risk levels.

Templates

  • Use templates/checkpoint-high.md.tmpl for HIGH RISK checkpoint format.
  • Use templates/checkpoint-medium.md.tmpl for MEDIUM RISK checkpoint format.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Coding

task-decomposer

No summary provided by upstream source.

Repository SourceNeeds Review
14-fatih-developer
Coding

multi-brain-score

No summary provided by upstream source.

Repository SourceNeeds Review
12-fatih-developer
Coding

context-compressor

No summary provided by upstream source.

Repository SourceNeeds Review
11-fatih-developer
Coding

multi-brain

No summary provided by upstream source.

Repository SourceNeeds Review
11-fatih-developer