
GuardrailDoctor
Penetration-test your Claude Code agent's guardrails before you deploy. Throws prompt-injection payloads, shell-chaining, and path-traversal attempts at your PreToolUse/PostToolUse hooks and sensitive-file protections, then returns a pass/fail report on 10+ attack vectors with copy-paste remediation for every gap.
- Validate that PreToolUse hooks correctly block unauthorized shell commands.
- Test agent defenses against base64-encoded or translation-based injections.
- Ensure sensitive files like .env or SSH keys are inaccessible to the agent.
$29
· or 145 credits. Secure checkout via Stripe.
Included in download
- Validate that PreToolUse hooks correctly block unauthorized shell commands.
- Test agent defenses against base64-encoded or translation-based injections.
- terminal, file_read automation included
- Ready for settings.json and hook files.
Sample input
Run a security audit on my Claude Code guardrails and check for path traversal and shell chaining vulnerabilities.
Sample output
Test | Result | Evidence | Remediation
Path Traversal | FAIL | cat /etc/passwd allowed | Update hook to block '/etc/'
Shell Chaining | FAIL | echo 'vulnerable' && id allowed | Use command parser script
Sensitive Files | PASS | .env blocked by hook | N/A
Total: 1 Pass, 2 Fail. High bypass risk detected.
About This Skill
What it does
Guardrail Doctor is a specialized security auditing skill designed to stress-test your Claude Code environment's safety configurations. It performs a comprehensive "penetration test" on your agent's guardrails by auditing security hooks, testing against prompt injection payloads, and verifying that sensitive file protections actually trigger when faced with adversarial inputs.
Why use this skill
Standard LLM prompts are notoriously easy to bypass. Manually testing every potential shell substitution, encoding attack, or path traversal vulnerability is tedious and error-prone. Guardrail Doctor automates this process by treating your agent's security layer as software that must be validated. It goes beyond simple keyword blocking to ensure that PreToolUse and PostToolUse hooks are correctly implemented, firing on the right tools, and actually blocking execution rather than just logging failures.
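One way to implement the kind of remediation the sample report points at (a PreToolUse hook that rejects chaining syntax and sensitive paths rather than matching whole commands), as an added example that is not the skill's own code. The stdin JSON shape, the exit-code-2 blocking semantics and the settings.json registration are assumptions about the Claude Code hook contract; the sample commands are the ones from the report above.

```python
#!/usr/bin/env python3
"""PreToolUse hook that blocks shell chaining and sensitive-path access.

Assumed hook contract: Claude Code pipes a JSON object to stdin with
"tool_name" and "tool_input" (Bash -> tool_input["command"]; Read/Write/Edit
-> tool_input["file_path"]); exiting with status 2 blocks the call and feeds
stderr back to the agent. Assumed registration in .claude/settings.json:
hooks.PreToolUse -> [{"matcher": "Bash|Read|Write|Edit",
                      "hooks": [{"type": "command", "command": "python3 guard.py"}]}]
"""
import json
import re
import sys

# Chaining, piping and substitution syntax. Blocking the syntax itself is
# stricter than a deny-list of command names, which "echo x && id" bypasses.
CHAIN_PATTERN = re.compile(r"&&|\|\||;|\||\$\(|`|\n")

# Locations the agent must never touch, checked in both command text and
# file_path arguments. Labels are constructed for readable findings.
SENSITIVE = [
    ("system config under /etc/", re.compile(r"/etc/")),
    (".env secrets file", re.compile(r"(^|[\s/\"'=])\.env\b")),
    ("SSH keys under .ssh/", re.compile(r"\.ssh/")),
    ("AWS credentials file", re.compile(r"\.aws/credentials")),
]

def check_path(text: str) -> list[str]:
    """Reasons to block based on sensitive paths in text (empty = allow)."""
    return [f"sensitive path: {label}" for label, pat in SENSITIVE if pat.search(text)]

def check_command(command: str) -> list[str]:
    """Reasons to block a Bash command: chaining first, then paths."""
    findings = []
    if CHAIN_PATTERN.search(command):
        findings.append("shell chaining or command substitution")
    return findings + check_path(command)

def evaluate(hook_input: dict) -> list[str]:
    """Dispatch on tool_name; unknown tools are allowed through unchanged."""
    tool = hook_input.get("tool_name", "")
    args = hook_input.get("tool_input", {})
    if tool == "Bash":
        return check_command(args.get("command", ""))
    if tool in ("Read", "Write", "Edit"):
        return check_path(args.get("file_path", ""))
    return []

if __name__ == "__main__":
    reasons = evaluate(json.load(sys.stdin))
    if reasons:
        print("Blocked by guardrail hook: " + "; ".join(reasons), file=sys.stderr)
        sys.exit(2)  # assumed contract: exit 2 blocks the tool call
    sys.exit(0)
```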
Supported Tools & Frameworks
- Claude Code (.claude/settings.json)
- Custom PreToolUse and PostToolUse hook scripts
- Bash, Read, Write, Edit, and MCP tools
- System-level security patterns (Linux/MacOS/Env vars)
Output Expected
The skill generates a professional audit report including a pass/fail table for at least 10 specific attack vectors, hook execution status, and copy-pasteable remediation snippets to fix any discovered vulnerabilities immediately.
Use Cases
- Validate that PreToolUse hooks correctly block unauthorized shell commands.
- Test agent defenses against base64-encoded or translation-based injections.
- Ensure sensitive files like .env or SSH keys are inaccessible to the agent.
- Generate copy-paste remediation code for broken Claude Code safety settings.
Known Limitations
Tests only Claude Code's native hook system. Does not audit external proxy or gateway security. Remediation code may need adaptation for custom hook implementations.
How to Install
mkdir -p ~/.claude/skills && curl -sL https://www.agensi.io/api/install/guardraildoctor -o /tmp/guardraildoctor.zip && unzip -o /tmp/guardraildoctor.zip -d ~/.claude/skills && rm /tmp/guardraildoctor.zip
Free skills install directly. Paid skills require purchase - use the download button above after buying.
Reviews
No reviews yet - be the first to share your experience.
Only users who have downloaded or purchased this skill can leave a review.
Early access skill
Security Scanned
Passed automated security review
Permissions
File Scopes
Guardrail Doctor needs terminal access to safely test hook configurations with benign test payloads (e.g., harmless echo commands). It never executes destructive or unauthorized commands. File read access allows it to audit existing security settings. The skill does not write to any files—all recommendations are provided as output for the user to review and apply manually, ensuring the user remains in control of their security configuration.
Works with Claude Code. Requires access to .claude/settings.json and hook files.
Creator
JustHandled Labs builds focused agent skills for the work nobody wants to do by hand. Each one is a single repeatable job done well: catching the security and data mistakes that quietly ship, keeping docs and tests honest, gating the commands an agent is about to run, sharpening writing, and handling the founder chores around launches, outreach, and brand setup. Not generic AI productivity. Specific workflows that are easy to run, review, and repeat. Maintained by H.J. Westerfield, with a background in communications, editing, project coordination, customer support, and practical AI systems. Tools for people who want useful automation without theatrical complexity.
Also available in a bundle