Forbidden Commands Defined
The main instruction file must contain at least one constraint atom that prohibits specific commands or actions. Listing forbidden operations prevents the agent from executing destructive commands like `git push --force`, `rm -rf`, or database mutations without explicit user approval.
Antipatterns
- Describing dangerous commands without prohibiting them like "The `git reset --hard` command discards changes" — description is not a constraint, the check requires imperative prohibition.
- Prohibitions only in scoped rule files like constraints in `.claude/rules/sensitive-files.md` but none in `CLAUDE.md` — the check targets `type: main`, so the main file must contain its own constraint atoms.
- Generic warnings like "Be careful with destructive operations" — vague cautions do not produce constraint atoms.
Pass / Fail
Pass
# Constraints
NEVER run `git push --force` on `main`.
*Do NOT modify `.env` or `credentials*` files.*
Fail
# Commands
Use `git push` to publish changes.
Use `git reset` to undo changes.
Limitations
Checks for at least one constraint atom defining forbidden operations. Does not verify the forbidden list covers the project's actual dangerous commands.
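The distinction between the Pass and Fail files and the three antipatterns can be approximated with a short script. This is an added example, not the checker's own implementation; it assumes a constraint atom is a line that opens with a negative imperative and names a backticked command or path, and the function names and sample files are constructed for illustration.

```python
import re

# Assumption: a constraint atom is a line that opens with a negative
# imperative and names at least one backticked command or path.
PROHIBITION = re.compile(r"^\W*(never|do not|don't|must not)\b", re.IGNORECASE)
TARGET = re.compile(r"`([^`]+)`")
FENCE = "`" * 3  # marker that opens or closes a fenced code block


def constraint_atoms(text):
    """Return (line_number, targets) for each line forbidding a named operation."""
    atoms, in_fence = [], False
    for number, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith(FENCE):
            in_fence = not in_fence  # fenced examples are not rules
            continue
        targets = TARGET.findall(line)
        if not in_fence and targets and PROHIBITION.match(line):
            atoms.append((number, targets))
    return atoms


def check_project(files, main="CLAUDE.md"):
    """Pass only if the main file itself holds a constraint atom."""
    return "pass" if constraint_atoms(files.get(main, "")) else "fail"


# Constructed sample files mirroring the Pass / Fail cases and antipatterns.
PASS_FILE = ("# Constraints\n"
             "NEVER run `git push --force` on `main`.\n"
             "*Do NOT modify `.env` or `credentials*` files.*\n")
FAIL_FILE = ("# Commands\n"
             "Use `git push` to publish changes.\n"
             "Use `git reset` to undo changes.\n")
DESCRIBED = "The `git reset --hard` command discards changes.\n"
VAGUE = "Be careful with destructive operations.\n"
SCOPED_ONLY = {"CLAUDE.md": FAIL_FILE,
               ".claude/rules/sensitive-files.md": PASS_FILE}

if __name__ == "__main__":
    for name, body in [("pass", PASS_FILE), ("fail", FAIL_FILE),
                       ("described", DESCRIBED), ("vague", VAGUE)]:
        print(name, check_project({"CLAUDE.md": body}), constraint_atoms(body))
    print("scoped-only", check_project(SCOPED_ONLY))
```

Like the check itself, this only confirms that some prohibition exists; it says nothing about whether the listed targets cover the project's actual dangerous commands.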
