playbooks

home / skills / beshkenadze / claude-skills-marketplace / safe-rm

safe-rm skill

/skills/utility/safe-rm

This skill helps you safely remove files and directories by wrapping rm -rf with protective checks and dry-run previews.

npx playbooks add skill beshkenadze/claude-skills-marketplace --skill safe-rm

Review the files below or copy the command above to add this skill to your agents.

Files (2)
SKILL.md
1.3 KB
---
name: safe-rm
description: Use safe-rm script instead of rm -rf. Prevents accidental deletion of protected system, config, and project paths.
version: 1.0.0
---

# Safe RM

## Overview

Wrapper around `rm -rf` with safety checks. Use this instead of direct `rm -rf` commands.

## When to Use

- Deleting directories or files recursively
- Any `rm -rf` or `rm -r` operation
- Cleaning up temporary files/folders

## Usage

```bash
# Dry-run (default) - shows what would be deleted
safe-rm /path/to/delete

# Actually delete (if path is not protected)
safe-rm --force /path/to/delete
safe-rm -f /path/to/delete
```

## Protected Paths

The script blocks deletion of:

**System:** `/`, `/bin`, `/boot`, `/dev`, `/etc`, `/lib`, `/opt`, `/proc`, `/root`, `/sbin`, `/sys`, `/usr`, `/var`, `/home`, `/Users`

**Home config:** `~`, `~/.ssh`, `~/.gnupg`, `~/.config`, `~/.local`, `~/.claude`, `~/.zshrc`, `~/.bashrc`

**Project:** `.git`, git repository root

## Exit Codes

- `0` — success (or dry-run completed)
- `1` — path is protected
- `2` — path does not exist

## Instructions for Claude

1. **NEVER use `rm -rf` directly** — always use `safe-rm` script
2. Run without `--force` first to preview what will be deleted
3. If path is protected, inform user and do not proceed
4. Only use `--force` after confirming dry-run output is correct

Overview

This skill provides a safe-rm wrapper around rm -rf to prevent accidental deletion of critical system, configuration, and project paths. It enforces a dry-run by default and blocks protected locations, requiring an explicit --force to perform removals. The goal is to make destructive file operations deliberate and auditable.

How this skill works

safe-rm inspects target paths before invoking removal: it checks existence, matches against a list of protected system and home config locations, and detects common project markers (like .git or repo root). By default it performs a dry-run showing what would be removed; only when --force is provided and no protection matches will it execute rm -rf. It exits with meaningful codes: 0 for success/dry-run, 1 for protected path, and 2 for missing path.

When to use it

  • Any recursive deletion (rm -r / rm -rf)
  • Cleaning temporary files or build artifacts
  • When removing directories that may contain config or hidden files
  • Before running batch delete scripts to verify targets
  • When working in repositories where .git or repo root should be preserved

Best practices

  • Always run safe-rm without --force first to preview deletions
  • Review dry-run output carefully before confirming destructive actions
  • Never bypass protections for system or home config paths
  • Use safe-rm in automation and CI to reduce catastrophic mistakes
  • Keep the protected-paths list updated to reflect your environment

Example use cases

  • Safely remove a large build directory after confirming contents: safe-rm /path/to/build
  • Clean a temp workspace in CI with a dry-run step, then use --force when approved
  • Avoid accidentally deleting your home dotfiles by blocking ~/.ssh and shell rc files
  • Protect repository integrity by preventing deletion at repo root or .git
  • Use in developer scripts to replace direct rm -rf calls for safer operations

FAQ

What happens if I run safe-rm on a protected path?

The script aborts, returns exit code 1, and prints a clear message identifying the protection; no deletion occurs.

How do I actually remove files after a dry-run?

Re-run the same safe-rm command with --force or -f after confirming the dry-run output; safe-rm will re-check protections before proceeding.