More screenshots
Works with the AI tools you already use
🛡️ GuardrailDoctor
Penetration-test your Claude Code agent's guardrails before you deploy. Throws prompt-injection payloads, shell-chaining, and path-traversal attempts at your PreToolUse/PostToolUse hooks and sensitive-file protections, then returns a pass/fail report on 10+ attack vectors with copy-paste remediation for every gap.
$29
· or 145 creditsSecure checkout via Stripe
About this skill
What it does
Guardrail Doctor is a specialized security auditing skill designed to stress-test your Claude Code environment's safety configurations. It performs a comprehensive "penetration test" on your agent's guardrails by auditing security hooks, testing against prompt injection payloads, and verifying that sensitive file protections actually trigger when faced with adversarial inputs.
Why use this skill
Standard LLM prompts are notoriously easy to bypass. Manually testing every potential shell substitution, encoding attack, or path traversal vulnerability is tedious and error-prone. Guardrail Doctor automates this process by treating your agent's security layer as software that must be validated. It goes beyond simple keyword blocking to ensure that PreToolUse and PostToolUse hooks are correctly implemented, firing on the right tools, and actually blocking execution rather than just logging failures.
Supported Tools & Frameworks
- Claude Code (.claude/settings.json)
- Custom PreToolUse and PostToolUse hook scripts
- Bash, Read, Write, Edit, and MCP tools
- System-level security patterns (Linux/MacOS/Env vars)
Output Expected
The skill generates a professional audit report including a pass/fail table for at least 10 specific attack vectors, hook execution status, and copy-pasteable remediation snippets to fix any discovered vulnerabilities immediately.
Details
How to install
Drop the file into your AI Agent. Works with Claude, Cursor, ChatGPT, and 20+ more.
Security Scanned
Passed automated security review
Permissions
File Scopes
Guardrail Doctor needs terminal access to safely test hook configurations with benign test payloads (e.g., harmless echo commands). It never executes destructive or unauthorized commands. File read access allows it to audit existing security settings. The skill does not write to any files—all recommendations are provided as output for the user to review and apply manually, ensuring the user remains in control of their security configuration.
Creator
JustHandled Labs builds focused agent skills for the work nobody wants to do by hand. Each one is a single repeatable job done well: catching the security and data mistakes that quietly ship, keeping docs and tests honest, gating the commands an agent is about to run, sharpening writing, and handling the founder chores around launches, outreach, and brand setup. Not generic AI productivity. Specific workflows that are easy to run, review, and repeat. Maintained by H.J. Westerfield, with a background in communications, editing, project coordination, customer support, and practical AI systems. Tools for people who want useful automation without theatrical complexity.
Also available in a bundle
Frequently Asked Questions
More Premium Skills
Bounty Security Pattern Master Library — 399 Vulnerability Patterns
A premium library of 399 vulnerability patterns and DeFi attack vectors for AI-driven bug hunting and security audits.

OpenAPI and Request Collection Builder
Turn your API's route and handler code into a spec-compliant OpenAPI 3.1 document and a ready-to-import request collection — paths, referenced schemas, auth, error responses, examples, and a variable-driven collection with the base URL and token wired up. Derived from your code, not invented.

Business Strategist
A framework-driven consultant for business diagnosis, market mapping, and pricing strategy.
designing-hybrid-context-layers
Architects the right retrieval strategy for every query — teaching your agent when to use RAG, a knowledge graph, or a temporal index instead of defaulting to vector search for everything.