[SAFETY] Claude Code should block destructive git commands without user confirmation

Resolved 💬 2 comments Opened Nov 18, 2025 by isoscelesxyz Closed Nov 18, 2025

[SAFETY] Claude Code should block destructive git commands without user confirmation

Summary

Claude Code executed git checkout HEAD -- . which permanently discarded all uncommitted work without user confirmation or warning. This is a critical safety issue.

What Happened

  1. User explicitly stated multiple times "not ready to commit"
  2. Claude Code made configuration changes over ~1 hour of work
  3. When encountering linting errors, Claude Code ran git checkout HEAD -- . to "restore" files
  4. All uncommitted changes were permanently lost (no way to recover)

The Problem

Claude Code's own Bash tool documentation states:

Git Safety Protocol: - NEVER run destructive/irreversible git commands (like push --force, hard reset, etc) unless the user explicitly requests them

However, Claude Code violated its own safety protocol by running git checkout HEAD -- . without:

  • User confirmation
  • Warning about data loss
  • Suggesting safer alternatives (git stash)

Destructive Commands That Should Be Blocked

These commands should require explicit user confirmation:

git checkout HEAD -- .          # Discards ALL uncommitted changes
git reset --hard                # Discards ALL uncommitted changes  
git clean -fd                   # Deletes ALL untracked files
git push --force                # Rewrites remote history
git checkout -- <file>          # Discards uncommitted changes in file

Expected Behavior

When Claude Code attempts a destructive git command:

  1. HALT before executing
  2. WARN user about data loss: "This will permanently discard X uncommitted files"
  3. ASK for explicit confirmation: "Are you sure you want to discard these changes?"
  4. SUGGEST safer alternative: "Consider using git stash to save changes instead"

Safer Alternatives

Claude Code should suggest these instead:

| ❌ Destructive | ✅ Safer Alternative |
|----------------|---------------------|
| git checkout HEAD -- . | git stash (recoverable) |
| git reset --hard | git reset --soft (keeps changes) |
| git clean -fd | Ask user to review untracked files first |

Impact

This caused complete data loss of ~1 hour of configuration work that was explicitly not ready to commit. The only recovery option would have been Claude Code's checkpointing feature, but that doesn't track bash commands.

Recommendation

Add a safeguard layer that:

  1. Detects destructive git operations
  2. Requires explicit user approval
  3. Suggests recoverable alternatives
  4. Similar to the existing trash-put safety for file deletion

Environment

  • Claude Code version: Latest (November 2025)
  • OS: macOS
  • Git version: Standard

Related

This is similar to how Claude Code blocks rm commands in favor of trash-put. The same principle should apply to destructive git operations.

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗