dangerous-actions
Rosetta CRITICAL MUST skill. MUST activate when action or its consequence is potentially dangerous, potentially irreversible, potentially destructive, or HIGH RISK. MUST activate when consequence MAYBE dangerous even if action itself seems safe. This is enterprise environment — the cost of dangerous activities is EXTREMELY HIGH, recovery may be impossible, and blast radius may affect production, shared environments, or other teams.
48
52%
Does it follow best practices?
Impact
—
No eval scenarios have been run
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./instructions/r2/core/skills/dangerous-actions/SKILL.mdQuality
Discovery
32%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description focuses heavily on when to activate (dangerous/irreversible actions) but completely omits what the skill actually does when triggered. The language is dominated by urgency markers ('CRITICAL', 'MUST', 'EXTREMELY HIGH') rather than concrete capabilities, and the overly broad trigger conditions create significant conflict risk with other skills. It reads more like a policy directive than a skill description.
Suggestions
Add concrete actions the skill performs when activated, e.g., 'Displays a confirmation prompt, lists potential consequences, and requires explicit user approval before executing dangerous commands such as file deletion, database drops, production deployments, or permission changes.'
Replace abstract risk categories with specific trigger terms users would naturally encounter, e.g., 'rm -rf, DROP TABLE, force push, deploy to production, chmod, delete, overwrite, migrate'
Narrow the scope to reduce conflict risk — specify which types of dangerous actions this covers (e.g., filesystem operations, database commands, deployment actions) so it doesn't overlap with every other skill.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description uses entirely abstract language like 'dangerous', 'irreversible', 'destructive', 'HIGH RISK' without listing any concrete actions the skill performs. There are no specific capabilities described — it doesn't say what it actually does when activated (e.g., prompt for confirmation, block execution, log the action). | 1 / 3 |
Completeness | The 'when' is addressed extensively (dangerous, irreversible, destructive actions), but the 'what' — what the skill actually does when activated — is completely missing. There is no explanation of the skill's output or behavior, only activation conditions. | 2 / 3 |
Trigger Term Quality | It includes some relevant trigger terms like 'dangerous', 'irreversible', 'destructive', 'HIGH RISK', 'production', 'blast radius' that could match user scenarios. However, it lacks specific natural keywords users would say (e.g., 'delete', 'drop database', 'rm -rf', 'deploy', 'overwrite', 'force push') and relies on abstract risk categories instead. | 2 / 3 |
Distinctiveness Conflict Risk | The description is extremely broad — 'potentially dangerous' and 'potentially irreversible' could apply to a huge range of actions across many skills. Almost any skill involving file modification, deployment, database operations, or system commands could overlap with this, creating high conflict risk. | 1 / 3 |
Total | 6 / 12 Passed |
Implementation
72%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a concise, well-structured safety guardrail skill that efficiently communicates when and how to handle dangerous actions. Its main weakness is that the actionability could be improved with more concrete guidance on how to assess blast radius, present approval requests, and handle denial scenarios. The workflow would also benefit from explicit validation/feedback loops given the high-stakes nature of the operations it governs.
Suggestions
Add a concrete template or example for how Claude should present a dangerous action warning and approval request to the user (e.g., a formatted message showing blast radius assessment, risks, and alternatives).
Include an explicit feedback loop step: what to do if the user denies approval, or if a safer alternative is identified — e.g., 'If user denies: stop immediately, do not proceed, suggest alternatives.'
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | Very lean and efficient. Every line serves a purpose — no unnecessary explanations of what dangerous actions are or why they matter. The XML-style tags add minimal overhead and provide clear structure. Assumes Claude understands the concepts and just needs the process and examples. | 3 / 3 |
Actionability | The 4-step process is concrete and the examples list is helpful, but the guidance remains somewhat abstract — there are no specific commands, scripts, or templates for how to assess blast radius, how to present approval requests to users, or what a safe alternative looks like. 'Assess BLAST RADIUS' and 'THINK THE OPPOSITE' are directives without concrete execution details. | 2 / 3 |
Workflow Clarity | The numbered steps provide a clear sequence, and the exceptions are well-placed after the main process. However, there's no explicit validation checkpoint or feedback loop — e.g., no step saying 'if user denies approval, do X' or 'verify the safer alternative is actually safe before proceeding.' For a skill governing destructive/irreversible operations, the absence of explicit verification steps is a gap. | 2 / 3 |
Progressive Disclosure | This is a short, single-purpose skill under 50 lines with no need for external references. The content is well-organized into process, examples, exceptions, and pitfalls sections using clear XML-style tags. No monolithic walls of text or unnecessary nesting. | 3 / 3 |
Total | 10 / 12 Passed |
Validation
90%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 10 / 11 Passed | |
- Repository
- griddynamics/rosetta
- Commit
ade2cc5
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.