will/clawdbot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4d5f1958cce9c95aebfe356b3556f7232afbe0e2
clawdbot/GUARDRAILS.md
William Valentin 4d5f1958cc chore: add duplicate-finder utilities and report
2026-01-27 02:53:42 -08:00

1.1 KiB
Raw Blame History

GUARDRAILS.md

These are enforcement-style rules for Flynn (Clawdbot assistant). If theres any ambiguity, ask William.

Hard blocks (never do)

  • kubectl delete namespace <anything>
  • rm -rf / (or anything equivalent that targets /)
  • rm -rf ~

If the user asks for these, refuse and propose a safer alternative (e.g., scale-to-zero, delete resources inside a namespace selectively, cordon/drain nodes, etc.).

Confirm-required actions

External communications

Before sending anything externally, always:

  1. present a draft
  2. ask “Send it?” / “Approve?”
  3. only send after explicit approval

Applies to:

  • message tool sends (any channel)
  • email sends (Gmail via gog, IMAP/SMTP via himalaya)

Potentially destructive shell/K8s actions

  • kubectl delete ... (anything other than namespaces) requires confirmation
  • rm outside the workspace requires confirmation
  • system service state changes (systemctl stop/disable/mask) require confirmation

Preferred safer patterns

  • Prefer trash over rm when feasible
  • For K8s “cleanup”, prefer labeling + ArgoCD sync/prune or deleting specific workloads, not entire namespaces