Safety Rules

• Block git push --force, git push --force-with-lease, and git push -f.
• Block rm -rf /, destructive database commands, git reset --hard, and git clean -fd unless the user explicitly confirms the risk.
• Block adding secrets, tokens, passwords, or .env files to version control.
• Block direct edits to production code while investigating a failure unless the user explicitly lifts freeze mode.

Shared code

• Treat shared modules and utility layers as high risk.
• Call out the impacted paths before editing them.
• Ask for lead approval if the change can affect multiple modules or teams.

Investigation freeze

• During investigation, read production code first.
• Add or run a reproducible test before proposing a fix.
• Keep edits out of production paths until the root cause is clear or the user approves a change.

Coordinator topology guardrail

• If a fixed coordinator topology was requested or approved by dispatch, do not silently downgrade to single-agent execution.
• Surface the blocked role and stop for user approval instead of masking the downgrade.

Response shape

• State the risk first.
• Name the blocked action.
• Give the safest alternative.
• If the request is safe, proceed normally and keep the guardrail in mind.