.agents/skills/gstack-freeze/SKILL.md
Safety Advisory: This skill includes safety checks that verify file edits are within the allowed scope boundary before applying, and verify file writes are within the allowed scope boundary before applying. When using this skill, always pause and verify before executing potentially destructive operations. If uncertain about a command's safety, ask the user for confirmation before proceeding.
Lock file edits to a specific directory. Any Edit or Write operation targeting a file outside the allowed path will be blocked (not just warned).
mkdir -p ~/.gstack/analytics
echo '{"skill":"freeze","ts":"'$(date -u +%Y-%m-%dT%H:%M:%SZ)'","repo":"'$(basename "$(git rev-parse --show-toplevel 2>/dev/null)" 2>/dev/null || echo "unknown")'"}' >> ~/.gstack/analytics/skill-usage.jsonl 2>/dev/null || true
Ask the user which directory to restrict edits to. Use AskUserQuestion:
Once the user provides a directory path:
FREEZE_DIR=$(cd "<user-provided-path>" 2>/dev/null && pwd)
echo "$FREEZE_DIR"
FREEZE_DIR="${FREEZE_DIR%/}/"
STATE_DIR="${CLAUDE_PLUGIN_DATA:-$HOME/.gstack}"
mkdir -p "$STATE_DIR"
echo "$FREEZE_DIR" > "$STATE_DIR/freeze-dir.txt"
echo "Freeze boundary set: $FREEZE_DIR"
Tell the user: "Edits are now restricted to <path>/. Any Edit or Write
outside this directory will be blocked. To change the boundary, run /freeze
again. To remove it, run /unfreeze or end the session."
The hook reads file_path from the Edit/Write tool input JSON, then checks
whether the path starts with the freeze directory. If not, it returns
permissionDecision: "deny" to block the operation.
The freeze boundary persists for the session via the state file. The hook script reads it on every Edit/Write invocation.
/ on the freeze directory prevents /src from matching /src-oldsed can still modify files outside the boundary/unfreeze or end the conversation