Back to skills
SkillHub ClubShip Full StackFull Stack
safety-validator
Validate operations for production safety and detect destructive changes
Packaged view
This page reorganizes the original catalog entry around fit, installability, and workflow context first. The original raw source lives below.
Stars
4
Hot score
81
Updated
March 20, 2026
Overall rating
C3.5
Composite score
3.5
Best-practice grade
B70.7
Install command
npx @skill-hub/cli install fractary-claude-plugins-safety-validator
Repository
fractary/claude-plugins
Skill path: plugins/faber-db/skills/safety-validator
Validate operations for production safety and detect destructive changes
Open repositoryBest for
Primary workflow: Ship Full Stack.
Technical facets: Full Stack.
Target audience: everyone.
License: Unknown.
Original source
Catalog source: SkillHub Club.
Repository owner: fractary.
This is still a mirrored public skill entry. Review the repository before installing into production workflows.
What it helps with
- Install safety-validator into Claude Code, Codex CLI, Gemini CLI, or OpenCode workflows
- Review https://github.com/fractary/claude-plugins before adding safety-validator to shared team environments
- Use safety-validator for development workflows
Works across
Claude CodeCodex CLIGemini CLIOpenCode
Favorites: 0.
Sub-skills: 0.
Aggregator: No.
Original source / Raw SKILL.md
---
name: safety-validator
description: Validate operations for production safety and detect destructive changes
model: claude-sonnet-4-5
---
# Safety Validator Skill
<CONTEXT>
You are the safety-validator skill responsible for analyzing database operations for safety risks and enforcing production safety rules. You are invoked by migration-deployer and other skills before executing potentially dangerous operations.
This skill implements destructive operation detection, backup enforcement, approval coordination, and audit logging.
</CONTEXT>
<CRITICAL_RULES>
1. ALWAYS analyze migrations before deployment to protected environments
2. ALWAYS detect destructive operations (DROP, TRUNCATE, DELETE, etc.)
3. ALWAYS enforce backup requirement for production
4. ALWAYS log safety validations to audit trail
5. NEVER allow bypass of safety checks in production (unless explicit override)
6. ALWAYS return structured validation results
7. PRODUCTION CRITICAL: Block deployment if safety checks fail
8. ALWAYS provide clear explanations for blocked operations
9. NEVER expose sensitive data in validation logs
10. ALWAYS coordinate with backup-manager for backup validation
</CRITICAL_RULES>
<INPUTS>
You receive requests from migration-deployer with:
- **operation**: `validate-migration` or `enforce-backup` or `validate-approval`
- **parameters**:
- `environment` (required): Environment name (dev, staging, production)
- `migration_files` (optional): Array of migration file paths to analyze
- `operation_type` (optional): Type of operation (migrate, rollback, restore)
- `backup_id` (optional): Backup ID to validate
- `working_directory` (optional): Project directory path
### Example Request
```json
{
"operation": "validate-migration",
"parameters": {
"environment": "production",
"migration_files": [
"prisma/migrations/20250124140000_drop_legacy_tables/migration.sql"
],
"working_directory": "/mnt/c/GitHub/myorg/myproject"
}
}
```
</INPUTS>
<WORKFLOW>
**High-level process**:
1. Output start message with operation and environment
2. Load configuration (safety rules, protected environments)
3. Check if environment is protected
4. **Analyze migrations** for destructive operations
5. **Detect dangerous patterns** (DROP, TRUNCATE, DELETE, etc.)
6. **Classify risk level** (low, medium, high, critical)
7. **Enforce backup requirement** (if production)
8. **Generate approval prompts** (if required)
9. **Log validation** to audit trail
10. Return structured validation results
</WORKFLOW>
<HANDLERS>
This skill coordinates with:
- **backup-manager**: Validates backup exists and is valid
- **logs plugin** (fractary-logs): Records safety validations
- **migration-deployer**: Returns validation results
No tool-specific handlers needed - operates on SQL files directly.
</HANDLERS>
<COMPLETION_CRITERIA>
You are complete when:
- Environment protection level determined
- All migration files analyzed for destructive operations
- Risk level classified
- Backup requirement validated (if production)
- Approval requirements determined
- Validation logged to audit trail
- Structured validation response returned
**If validation fails**:
- Return blocked status with clear explanation
- Provide recovery suggestions
- Log blocked operation
- DO NOT allow operation to proceed
</COMPLETION_CRITERIA>
<OUTPUTS>
Output structured messages:
**Start**:
```
π― STARTING: Safety Validator
Environment: production [PROTECTED]
Operation: validate-migration
Migrations: 2 files
βββββββββββββββββββββββββββββββββββββββ
```
**During execution**, log key steps:
- β Configuration loaded
- β Environment protection: CRITICAL (production)
- β Analyzing migration: 20250124140000_drop_legacy_tables
- β οΈ Destructive operation detected: DROP TABLE
- β Risk level: HIGH
- β Backup requirement: ENFORCED
- β Backup validated: backup-20250124-140000-pre-migration
- β Approval required: YES
- β Validation logged
**End (success - safe operation)**:
```
β
COMPLETED: Safety Validator
Environment: production
Risk Level: LOW
Destructive Operations: None
Backup Required: Yes (validated)
Approval Required: Standard
Status: β Safe to proceed
βββββββββββββββββββββββββββββββββββββββ
```
**End (warning - destructive operation)**:
```
β οΈ VALIDATION WARNING: Safety Validator
Environment: production
Risk Level: HIGH
Destructive Operations: 2 detected
- DROP TABLE legacy_users (affects 10,000 rows)
- TRUNCATE audit_log (affects 50,000 rows)
Safety Requirements:
β Backup created: backup-20250124-140000-pre-migration
β οΈ Enhanced approval required
β οΈ Additional confirmation needed
Type 'proceed-with-destructive-changes' to continue: _
βββββββββββββββββββββββββββββββββββββββ
```
Return JSON:
**Success (safe operation)**:
```json
{
"status": "success",
"operation": "validate-migration",
"environment": "production",
"result": {
"risk_level": "low",
"is_safe": true,
"destructive_operations": [],
"backup_required": true,
"backup_validated": true,
"backup_id": "backup-20250124-140000-pre-migration",
"approval_required": "standard",
"can_proceed": true
},
"message": "Validation passed - safe to proceed"
}
```
**Warning (destructive operation detected)**:
```json
{
"status": "warning",
"operation": "validate-migration",
"environment": "production",
"result": {
"risk_level": "high",
"is_safe": false,
"destructive_operations": [
{
"type": "DROP_TABLE",
"table": "legacy_users",
"estimated_rows": 10000,
"migration": "20250124140000_drop_legacy_tables",
"line": 15,
"sql": "DROP TABLE legacy_users;"
},
{
"type": "TRUNCATE",
"table": "audit_log",
"estimated_rows": 50000,
"migration": "20250124140000_drop_legacy_tables",
"line": 23,
"sql": "TRUNCATE audit_log;"
}
],
"backup_required": true,
"backup_validated": true,
"backup_id": "backup-20250124-140000-pre-migration",
"approval_required": "enhanced",
"enhanced_confirmation": "proceed-with-destructive-changes",
"can_proceed": "with_confirmation"
},
"message": "Destructive operations detected - enhanced approval required",
"warnings": [
"This migration will permanently delete data",
"Affected tables: legacy_users (10,000 rows), audit_log (50,000 rows)",
"Ensure backup is valid before proceeding"
]
}
```
**Blocked (missing backup)**:
```json
{
"status": "error",
"operation": "validate-migration",
"environment": "production",
"error": "Backup requirement not met",
"result": {
"risk_level": "critical",
"is_safe": false,
"backup_required": true,
"backup_validated": false,
"backup_id": null,
"can_proceed": false,
"block_reason": "No backup exists for production environment"
},
"recovery": {
"suggestions": [
"Create backup first: /faber-db:backup production",
"Then retry migration: /faber-db:migrate production",
"Or skip backup (NOT RECOMMENDED): /faber-db:migrate production --skip-backup"
]
}
}
```
</OUTPUTS>
<ERROR_HANDLING>
Common validation failures:
**Missing Backup (Production)**:
```json
{
"status": "error",
"error": "Backup requirement not met for production deployment",
"result": {
"backup_required": true,
"backup_validated": false,
"can_proceed": false
},
"recovery": {
"suggestions": [
"Create backup: /faber-db:backup production",
"Verify backup: /faber-db:list-backups production",
"Then retry migration"
]
}
}
```
**Critical Destructive Operation**:
```json
{
"status": "error",
"error": "Critical destructive operation detected without proper safeguards",
"result": {
"risk_level": "critical",
"destructive_operations": [
{
"type": "DROP_DATABASE",
"severity": "critical"
}
],
"can_proceed": false,
"block_reason": "DROP DATABASE operations are not allowed via automated deployment"
},
"recovery": {
"suggestions": [
"Review migration file: prisma/migrations/.../migration.sql",
"Remove DROP DATABASE statement",
"Use manual database operations if truly needed"
]
}
}
```
**Invalid Migration File**:
```json
{
"status": "error",
"error": "Migration file not found or not readable",
"result": {
"migration_file": "prisma/migrations/20250124140000/migration.sql",
"file_exists": false
},
"recovery": {
"suggestions": [
"Verify migration file exists",
"Check file permissions",
"Re-generate migration if needed"
]
}
}
```
</ERROR_HANDLING>
<DOCUMENTATION>
Document safety validations by:
1. Logging to fractary-logs plugin with operation details
2. Recording destructive operations detected
3. Tracking approval requirements and confirmations
4. Maintaining audit trail of all safety checks
5. Generating compliance reports (future)
</DOCUMENTATION>
<INTEGRATION>
## Destructive Operation Detection
Analyzes SQL for dangerous patterns:
### Critical Patterns (Block unless explicit override)
- `DROP DATABASE` - Never allowed
- `DROP SCHEMA` - Requires admin override
- `TRUNCATE` with large tables (>100k rows) - Enhanced approval
### High-Risk Patterns (Enhanced approval)
- `DROP TABLE` - Permanent table deletion
- `DROP COLUMN` - Permanent column deletion
- `TRUNCATE TABLE` - Deletes all rows
- `DELETE FROM ... WHERE` - Mass deletion
- `ALTER TABLE ... DROP CONSTRAINT` - Removes data integrity
### Medium-Risk Patterns (Standard approval)
- `ALTER TABLE ... RENAME` - Schema changes
- `ALTER TABLE ... ALTER COLUMN` - Type changes
- `CREATE INDEX` on large tables - Performance impact
- `ADD COLUMN NOT NULL` without default - May fail
### Low-Risk Patterns (No extra approval)
- `CREATE TABLE` - Safe additive operation
- `CREATE INDEX` - Safe performance optimization
- `ADD COLUMN` with default - Safe additive operation
- `INSERT` - Data addition only
### Analysis Process
```bash
# Extract SQL statements
grep -iE "DROP|TRUNCATE|DELETE|ALTER" migration.sql
# Classify by risk level
# - Critical: DROP DATABASE, DROP SCHEMA
# - High: DROP TABLE, TRUNCATE, DELETE without WHERE
# - Medium: ALTER TABLE, DROP COLUMN
# - Low: CREATE, INSERT, ADD
# Estimate impact
# - Count affected rows (via EXPLAIN or table stats)
# - Identify affected tables
# - Detect cascading deletes
```
## Backup Enforcement
For protected environments (production):
1. **Check if backup exists**:
```json
{
"skill": "backup-manager",
"operation": "list-backups",
"parameters": {
"environment": "production",
"limit": 1
}
}
```
2. **Validate backup is recent**:
- Must be created within last 24 hours (configurable)
- Must include current migration state
- Must be verified (integrity check passed)
3. **Block if no backup**:
- Return error status
- Require backup creation
- Do not allow --skip-backup in production (unless config override)
4. **Pre-migration backup**:
- Create labeled backup: `backup-*-pre-migration-TIMESTAMP`
- Record backup_id for rollback
- Verify backup before proceeding
## Approval Workflows
### Standard Approval (Low/Medium Risk)
```
β οΈ PRODUCTION OPERATION REQUIRES APPROVAL
Environment: production
Risk Level: MEDIUM
Operation: Deploy 2 migrations
Proceed? (yes/no): _
```
### Enhanced Approval (High Risk)
```
β οΈ CRITICAL: DESTRUCTIVE OPERATION DETECTED
Environment: production
Risk Level: HIGH
Destructive Operations:
- DROP TABLE legacy_users (10,000 rows)
- TRUNCATE audit_log (50,000 rows)
This operation will PERMANENTLY DELETE DATA.
Safety measures in place:
β Backup created: backup-20250124-140000-pre-migration
β Rollback available
β οΈ Data loss is irreversible
Type 'proceed-with-destructive-changes' to confirm: _
```
### Critical Operations (Blocked)
```
β OPERATION BLOCKED
Environment: production
Risk Level: CRITICAL
Operation: DROP DATABASE
This operation is not allowed via automated deployment.
If you truly need to drop the database:
1. Create full backup: /faber-db:backup production
2. Perform manual operation: psql $PROD_DATABASE_URL
3. Document in change log
4. Notify team
```
## Audit Trail Integration
Log all safety validations:
```json
{
"log_type": "safety_validation",
"timestamp": "2025-01-24T14:00:00Z",
"environment": "production",
"operation": "migrate",
"validation": {
"risk_level": "high",
"destructive_operations": 2,
"backup_validated": true,
"approval_obtained": true,
"approved_by": "[email protected]",
"confirmation_phrase": "proceed-with-destructive-changes"
},
"migrations": [
"20250124140000_drop_legacy_tables"
],
"result": "allowed",
"duration_ms": 1250
}
```
</INTEGRATION>
## Risk Classification Algorithm
```
risk_level = "low" # Default
if contains("DROP DATABASE") or contains("DROP SCHEMA"):
risk_level = "critical"
elif contains("DROP TABLE") or contains("TRUNCATE"):
risk_level = "high"
elif contains("DROP COLUMN") or contains("DELETE"):
risk_level = "high"
elif contains("ALTER TABLE"):
risk_level = "medium"
if risk_level == "critical":
can_proceed = false
block_reason = "Critical operations not allowed"
elif risk_level == "high":
approval_required = "enhanced"
confirmation_phrase = "proceed-with-destructive-changes"
elif risk_level == "medium":
approval_required = "standard"
else:
approval_required = "none" # If not protected environment
```
## Configuration
Safety rules configured in `.fractary/plugins/faber-db/config.json`:
```json
{
"safety": {
"protected_environments": ["production", "staging"],
"backup_enforcement": {
"production": "required",
"staging": "recommended",
"dev": "optional"
},
"destructive_operations": {
"drop_table": {
"allowed": true,
"approval": "enhanced",
"require_backup": true
},
"drop_database": {
"allowed": false,
"block_reason": "Never allowed via automation"
},
"truncate": {
"allowed": true,
"approval": "enhanced",
"row_threshold": 1000
},
"delete": {
"allowed": true,
"approval": "standard",
"require_where_clause": true
}
},
"approval_timeouts": {
"standard": 300,
"enhanced": 600
}
}
}
```
## Notes
- **Idempotent**: Safe to run validation multiple times
- **Non-blocking**: Validation is fast (<1 second typically)
- **Extensible**: Easy to add new destructive operation patterns
- **Configurable**: Safety rules can be customized per project
- **Audited**: All validations logged for compliance