📄 工具详情 ⚙️ 安装教程 📚 使用教程
能力标签
🔌 MCP🤖 Agent🔄 工作流🐳 Docker💻 CLI🧠 Claude
🔌
MCP工具

开源MCP工具

基于 Shell · 让 AI 助手直接操作你的系统与工具
英文名:cc-safe-setup
⭐ 29 Stars 🍴 2 Forks 💻 Shell 📄 未公布协议 🏷 AI 7.5分
7.5AI 综合评分
mcpagentic-codingai-safetyanthropicautomationautonomousshell
⚙️ 配置说明 🔍 查看原项目
✦ AI Skill Hub 推荐

AI Skill Hub 推荐使用:开源MCP工具 是一款优质的MCP工具。AI 综合评分 7.5 分,在同类工具中表现稳健。如果你正在寻找可靠的MCP工具解决方案,这是一个值得深入了解的选择。

📚 深度解析
开源MCP工具 是一款基于 MCP(Model Context Protocol)标准协议的 AI 工具扩展。MCP 协议由 Anthropic 开发并开源,旨在建立 AI 模型与外部工具之间的标准化通信接口,目前已被 Claude Desktop、Claude Code、Cursor 等主流 AI 工具采纳。

通过安装 开源MCP工具,你的 AI 助手将获得额外的工具调用能力,可以用自然语言直接操控该工具的功能,无需学习复杂的命令行语法。MCP 工具的核心价值在于"一次配置,永久增强"——配置完成后,每次与 AI 对话时都可以无缝调用这些工具。

在技术实现上,MCP 工具通过标准的 JSON-RPC 协议与 AI 客户端通信,工具的功能以"工具列表"的形式暴露给 AI 模型,AI 可以按需调用。开源MCP工具 提供了结构化的工具调用接口,使 AI 模型能够精确地理解和使用每个功能点,显著降低 AI 在工具使用上的错误率。

与传统的 API 集成相比,MCP 工具的优势在于无需编写代码——用户只需在配置文件中添加几行 JSON,即可让 AI 获得全新能力。AI Skill Hub 将 开源MCP工具 评为 AI 评分 7.5 分,属于同类工具中的优质选择。
📋 工具概览

使用One命令使Claude Code安全运行,防止rm -rf等危险操作,提高AI安全性

开源MCP工具 是一款遵循 MCP(Model Context Protocol)标准协议的 AI 工具扩展。通过 MCP 协议,它可以让 Claude、Cursor 等主流 AI 客户端直接访问和操作外部工具、数据源和服务,实现 AI 能力的无缝扩展。无论是文件操作、数据库查询还是 API 调用,都可以通过自然语言在 AI 对话中直接触发,极大提升生产效率。

GitHub Stars
⭐ 29
开发语言
Shell
支持平台
macOS / Linux
维护状态
轻量级项目,按需更新
开源协议
未公布
AI 综合评分
7.5 分
工具类型
MCP工具
Forks
2
📖 中文文档
以下内容由 AI Skill Hub 根据项目信息自动整理,如需查看完整原始文档请访问底部「原始来源」。

使用One命令使Claude Code安全运行,防止rm -rf等危险操作,提高AI安全性

开源MCP工具 是一款遵循 MCP(Model Context Protocol)标准协议的 AI 工具扩展。通过 MCP 协议,它可以让 Claude、Cursor 等主流 AI 客户端直接访问和操作外部工具、数据源和服务,实现 AI 能力的无缝扩展。无论是文件操作、数据库查询还是 API 调用,都可以通过自然语言在 AI 对话中直接触发,极大提升生产效率。

📌 核心特色
  • 通过标准 MCP 协议与 Claude、Cursor 等主流 AI 客户端深度集成
  • 提供结构化工具调用接口,显著降低 AI 集成复杂度
  • 支持 Claude Desktop 和 Claude Code 无缝接入,开箱即用
  • 可与其他 MCP 工具组合叠加,构建完整 AI 工作站
  • 轻量无侵入设计,不影响现有系统架构
🎯 主要使用场景
  • 在 Claude Desktop 对话中直接调用本地工具,实现 AI 与系统的深度联动
  • 通过自然语言驱动复杂的多步骤自动化任务,代替繁琐手动操作
  • 将多个 MCP 工具组合使用,构建个人专属 AI 工作站
以下安装命令基于项目开发语言和类型自动生成,实际以官方 README 为准。
安装命令
# 方式一:通过 Claude Code CLI 一键安装
claude skill install https://github.com/yurukusa/cc-safe-setup

# 方式二:手动配置 claude_desktop_config.json
{
  "mcpServers": {
    "--mcp--": {
      "command": "npx",
      "args": ["-y", "cc-safe-setup"]
    }
  }
}

# 配置文件位置
# macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
# Windows: %APPDATA%/Claude/claude_desktop_config.json
📋 安装步骤说明
  1. 确认已安装 Node.js(v18 或以上版本)
  2. 打开 Claude Desktop 或 Claude Code 的 MCP 配置文件
  3. 按「交给 Agent 安装 → Claude Desktop」标签中的 JSON 配置填入 mcpServers 字段
  4. 保存配置文件并重启 Claude 客户端
  5. 重启后,在对话中即可使用本工具
以下用法示例由 AI Skill Hub 整理,涵盖最常见的使用场景。
常用命令 / 代码示例
# 安装后在 Claude 对话中直接使用
# 示例:
用户: 请帮我用 开源MCP工具 执行以下任务...
Claude: [自动调用 开源MCP工具 MCP 工具处理请求]

# 查看可用工具列表
# 在 Claude 中输入:"列出所有可用的 MCP 工具"
以下配置示例基于典型使用场景生成,具体参数请参照官方文档调整。
配置示例
// claude_desktop_config.json 配置示例
{
  "mcpServers": {
    "__mcp__": {
      "command": "npx",
      "args": ["-y", "cc-safe-setup"],
      "env": {
        // "API_KEY": "your-api-key-here"
      }
    }
  }
}

// 保存后重启 Claude Desktop 生效
📑 README 深度解析 真实文档 完整度 52/100 查看 GitHub 原文 →
以下内容由系统直接从 GitHub README 解析整理,保留代码块、表格与列表结构。

cc-safe-setup

npm version npm downloads tests

Listed on Product Hunt since April 21, 2026.

One command to make Claude Code safe for autonomous operation. 746 example hooks · 73+ Anthropic Issues addressed by hook · 9,250+ tests · 30K+ total installs · 日本語

npx cc-safe-setup

Installs 8 safety hooks in ~10 seconds. Blocks rm -rf /, prevents pushes to main, catches secret leaks, validates syntax after every edit. Zero npm dependencies. Hooks use jq at runtime (brew install jq / apt install jq).

What's a hook? A checkpoint that runs before Claude executes a command. Like airport security, it inspects what's about to happen and blocks anything dangerous before it reaches the gate.

▶ Live Demo (see hooks block rm -rf in your browser) · Incident Tracker (90 real incidents) · Token Checkup (what type are you?) · All 8 Tools · Defense Kit (11 incidents → 11 hooks, narrative-per-incident) · Drift Matrix (14 May 2026 cases × 10 hooks, "if I saw X install Y")

  cc-safe-setup
  Make Claude Code safe for autonomous operation

  Prevents real incidents (from GitHub Issues):
  ✗ rm -rf permanently destroyed ~50 GB / 1,500 files (#49129) ← April 2026
  ✗ Auto mode approved ~/.ssh deletion, all SSH keys gone (#49554)
  ✗ ~/.git-credentials PATs deleted without confirmation (#49539)
  ✗ rm -rf deleted 3,467 files (~7 GB) without confirmation (#46058)
  ✗ rm -rf deleted entire user directory via NTFS junction (#36339)
  ✗ Remove-Item -Recurse -Force destroyed unpushed source (#37331)
  ✗ Entire Mac filesystem deleted during cleanup (#36233)
  ✗ Untested code pushed to main at 3am
  ✗ Force-push rewrote shared branch history
  ✗ API keys committed to public repos via git add .
  ✗ Syntax errors cascading through 30+ files
  ✗ Sessions losing all context with no warning
  ✗ CLAUDE.md rules silently ignored after context compaction
  ✗ Claude ran destructive DDL on production database (#46684)
  ✗ AI executed delete/kill operations on production environment (#46650)
  ✗ Subagents ignoring all CLAUDE.md rules since v2.1.84 (#40459)

  Hooks to install:

  ● Destructive Command Blocker
  ● Branch Push Protector
  ● Post-Edit Syntax Validator
  ● Context Window Monitor
  ● Bash Comment Stripper
  ● cd+git Auto-Approver
  ● Secret Leak Prevention

  Install all 8 safety hooks? [Y/n] Y

  ✓ Done. 8 safety hooks installed.

What Gets Installed

HookPreventsRelated Issues
**Destructive Guard**rm -rf /, git reset --hard, git clean -fd, git checkout --force, sudo + destructive, PowerShell Remove-Item -Recurse -Force, rd /s /q, NFS mount detection[#46058](https://github.com/anthropics/claude-code/issues/46058) [#36339](https://github.com/anthropics/claude-code/issues/36339) [#36640](https://github.com/anthropics/claude-code/issues/36640) [#37331](https://github.com/anthropics/claude-code/issues/37331)
**Branch Guard**Pushes to main/master + force-push (--force) on all branches
**Secret Guard**git add .env, credential files, git add . with .env present[#6527](https://github.com/anthropics/claude-code/issues/6527)
**Syntax Check**Python, Shell, JSON, YAML, JS errors after edits
**Context Monitor**Session state loss from context window overflow (40%→25%→20%→15% warnings)
**Comment Stripper**Bash comments breaking permission allowlists[#29582](https://github.com/anthropics/claude-code/issues/29582)
**cd+git Auto-Approver**Permission prompt spam for cd /path && git log[#32985](https://github.com/anthropics/claude-code/issues/32985) [#16561](https://github.com/anthropics/claude-code/issues/16561)
**API Error Alert**Silent session death from rate limits or API errors, desktop notification + log

Each hook exists because a real incident happened without it.

After Installing

Verify your setup:

npx cc-health-check

Free guides

GuideWhat it covers
**[6-hook fortification for the 2026-04 regression cluster](https://gist.github.com/yurukusa/79eeabd11dbfa29d99e7f2a058391286)**The April 2026 postmortem recap + which 6 cc-safe-setup hooks would have caught each issue. No signup.
**[Find which CC versions ran your cache regression sessions](https://gist.github.com/yurukusa/60b21cc133769e0bedab0b828bca4f90)**One-line grep + jq diagnostic over ~/.claude/ logs. Shows per-day per-version count of sessions affected by [#46829](https://github.com/anthropics/claude-code/issues/46829)/[#46917](https://github.com/anthropics/claude-code/issues/46917).
**[/usage --json: 5 fields, one ratio that decides whether you migrate](https://yurukusa.hashnode.dev/how-to-read-usage-json-5-fields-one-ratio-that-decides-whether-you-migrate)**cache_creation_ratio cheat sheet for the v2.1.118 /usage --json output. Five fields and one ratio with HEALTHY / WATCH / TRIGGER bands so you can decide migration timing from your own logs, no third-party dashboard.
**[PocketOS 9-second wipe, 3-prevention audit script](https://gist.github.com/yurukusa/f4e9104ff5bb331b21c9446bffb57d91)**Read-only audit script (Railway / AWS / GCP / GitHub examples) for the three preventions surfaced by the [2026-04-25 PocketOS production-database wipe](https://yurukusa.hashnode.dev/9-seconds-no-backups-what-the-pocketos-wipe-tells-you-to-harden-before-friday) ([HN 817pt](https://news.ycombinator.com/item?id=47911524)). No destructive commands; prints questions and read-only checks you run yourself.
**[Postmortems incident #1 free preview, cache TTL regression Signal + Diagnosis](https://gist.github.com/yurukusa/9f597e27d4a44de85d4c8815a84b4f5d)**Verbatim chapter excerpt from the Postmortems book (live on Gumroad since 2026-05-05). Three read-only checks (one minute total) to tell whether the [March 2026 cache TTL regression](https://github.com/anthropics/claude-code/issues/46829) hit your sessions, no purchase required.
**[Copilot 2026-06-01 transition pre-flight checklist](https://gist.github.com/yurukusa/abf63634d1e0b5856bdbdcb378915bd8)**Five read-only audit steps to run today before GitHub's "Preview my bill" tool launches in early May. Identifies your tier, inventories your past 30-day usage by surface, and stages the stay/switch/hybridize decision tree against your own numbers. No purchase required.
**[Five primary-source-verified Claude Code signals (2026-04-26 to 2026-04-28)](https://gist.github.com/yurukusa/751f4c229b2499ba9e005e25c07d002d)**48-hour roundup with audit one-liners. [#52921](https://github.com/anthropics/claude-code/issues/52921) (Max 20× weekly limits resetting on a ~24-hour cycle, Anthropic in-app support acknowledged), [#53489](https://github.com/anthropics/claude-code/issues/53489) (Web MCP connectors lost + v2.1.120 force-rolled-back within 24h), [#53262](https://github.com/anthropics/claude-code/issues/53262) (HERMES.md substring routing), plugin hook path drift cluster, and the 2026-04-25 Anthropic Rate Limits API release. Two issues independently primary-source-verified.
**[claim-verify-audit.sh — 8 diagnostic checks for the May 2026 failure-mode cluster](scripts/claim-verify-audit.sh)**One-shot read-only audit (single bash file, MIT). Eight checks against documented patterns: 8.3 short-name allow-rule bypass ([#58614](https://github.com/anthropics/claude-code/issues/58614)), skill bloat token tax ([Reddit 1tbbove](https://www.reddit.com/r/ClaudeAI/comments/1tbbove/)), session backup absence ([#58608](https://github.com/anthropics/claude-code/issues/58608)), .env subagent inheritance ([#57068](https://github.com/anthropics/claude-code/issues/57068)), auto-compact drift ([#57490](https://github.com/anthropics/claude-code/issues/57490) + [#58373](https://github.com/anthropics/claude-code/issues/58373)), bypassPermissions remote override ([#57810](https://github.com/anthropics/claude-code/issues/57810)), settings.json JSON validity ([#57491](https://github.com/anthropics/claude-code/issues/57491)), cache-trail forensic ([#58608](https://github.com/anthropics/claude-code/issues/58608)). Each finding cites the source issue + the prevention chapter. Run with bash scripts/claim-verify-audit.sh from any working directory. Also published as a [standalone Gist](https://gist.github.com/yurukusa/e2fb2b2dadab456c5396704a485b789c).

Quick Start by Scenario

I want to...Command
Make Claude Code safe right nownpx cc-safe-setup --shield
Stop permission prompt spamnpx cc-safe-setup --install-example auto-approve-readonly
Enforce a rule instantlynpx cc-safe-setup --guard "never delete production data"
See what risks my project hasnpx cc-safe-setup --suggest
Convert CLAUDE.md rules to hooksnpx cc-safe-setup --from-claudemd
Share hooks with my teamnpx cc-safe-setup --team && git add .claude/
Choose a safety levelnpx cc-safe-setup --profile strict
See what Claude blocked todaynpx cc-safe-setup --replay
Know why a hook existsnpx cc-safe-setup --why destructive-guard
Block silent memory file editsnpx cc-safe-setup --install-example memory-write-guard
Stop built-in skills editing opaquelynpx cc-safe-setup --install-example skill-gate
Diagnose why hooks aren't workingnpx cc-safe-setup --doctor
Preview how hooks react to a commandnpx cc-safe-setup --simulate "git push origin main"
Protect a specific file from editsnpx cc-safe-setup --protect .env
Stop .git/ write promptsnpx cc-safe-setup --install-example allow-git-hooks-dir
Auto-approve compound git commandsnpx cc-safe-setup --install-example auto-approve-compound-git
Detect prompt injection patternsnpx cc-safe-setup --install-example prompt-injection-detector
Define rules in YAML, compile to hooksnpx cc-safe-setup --rules rules.yaml
Validate all hook scripts are correctnpx cc-safe-setup --validate
Maximum protection modenpx cc-safe-setup --safe-mode
Migrate from Cursor/Windsurf[Migration Guide](https://yurukusa.github.io/cc-safe-setup/migration-guide.html)

Examples

Examples

Need custom hooks beyond the 8 built-in ones? Install any example with one command:

npx cc-safe-setup --install-example block-database-wipe

Or browse all available examples in examples/:

  • claude-update-smart.sh: Skip the 226 MB tarball download when already up-to-date (workaround for #51243). Turns 30 s checks into 0.3 s. Falls through to the real claude update when a new release exists or the registry is unreachable.
  • auto-approve-git-read.sh: Auto-approve git status, git log, even with -C flags
  • auto-approve-ssh.sh: Auto-approve safe SSH commands (uptime, whoami, etc.)
  • enforce-tests.sh: Warn when source files change without corresponding test files
  • notify-waiting.sh: Desktop notification when Claude Code waits for input (macOS/Linux/WSL2)
  • edit-guard.sh: Block Edit/Write to protected files (defense-in-depth for #37210)
  • auto-approve-build.sh: Auto-approve npm/yarn/cargo/go/python build, test, and lint commands
  • auto-approve-docker.sh: Auto-approve docker build, compose, ps, logs, and other safe commands
  • block-database-wipe.sh: Block destructive database commands: Laravel migrate:fresh, Django flush, Rails db:drop, raw DROP DATABASE (#46684 #46650 #37405 #37439)
  • sql-bulk-delete-warn.sh: Warn when DELETE/UPDATE/TRUNCATE runs via psql/mysql/sqlite3/sqlcmd without a row-count safeguard. Catches the Issue #56738 pattern (DELETE WHERE col IS NULL after a regex/UPDATE that silently NULLed nearly every row, wiping 24,472 of 24,475 rows in 5 minutes before autovacuum cleaned the dead tuples). Also flags DELETE/UPDATE without WHERE, TRUNCATE TABLE, and psql -c invocations missing an explicit transaction. Strict mode via CC_SQL_BULK_DELETE_BLOCK=1 (#56738)
  • auto-approve-python.sh: Auto-approve pytest, mypy, ruff, black, isort, flake8, pylint commands
  • auto-snapshot.sh: Auto-save file snapshots before edits for rollback protection (#37386 #37457)
  • allowlist.sh: Block everything not explicitly approved, inverse permission model (#37471)
  • protect-dotfiles.sh: Block modifications to ~/.bashrc, ~/.aws/, ~/.ssh/ and chezmoi without diff (#37478)
  • scope-guard.sh: Block file operations outside project directory, absolute paths, home, parent escapes (#36233)
  • auto-checkpoint.sh: Auto-commit after every edit for rollback protection (#34674)
  • git-config-guard.sh: Block git config --global modifications without consent (#37201)
  • deploy-guard.sh: Block deploy commands when uncommitted changes exist (#37314)
  • network-guard.sh: Warn on suspicious network commands sending file contents (#37420)
  • test-before-push.sh: Block git push when tests haven't been run (#36970)
  • large-file-guard.sh: Warn when Write tool creates files over 500KB
  • commit-message-check.sh: Warn on non-conventional commit messages (feat:, fix:, docs:, etc.)
  • env-var-check.sh: Block hardcoded API keys (sk-, ghp_, glpat-) in export commands
  • timeout-guard.sh: Warn before long-running commands (npm start, rails s, docker-compose up)
  • branch-name-check.sh: Warn on non-conventional branch names (feature/, fix/, etc.)
  • todo-check.sh: Warn when committing files with TODO/FIXME/HACK markers
  • path-traversal-guard.sh: Block Edit/Write with ../../ path traversal and system directories
  • case-sensitive-guard.sh: Detect case-insensitive filesystems (exFAT, NTFS, HFS+) and block rm/mkdir that would collide due to case folding (#37875)
  • compound-command-approver.sh: Auto-approve safe compound commands (cd && git log, cd && npm test) that the permission system can't match (#30519 #16561)
  • tmp-cleanup.sh: Clean up accumulated /tmp/claude-*-cwd files on session end (#8856)
  • session-checkpoint.sh: Save session state to mission file before context compaction (#37866)
  • verify-before-commit.sh: Block git commit when lint/test commands haven't been run (#37818)
  • hook-debug-wrapper.sh: Wrap any hook to log input/output/exit code/timing to ~/.claude/hook-debug.log
  • loop-detector.sh: Detect and break command repetition loops (warn at 3, block at 5 repeats)
  • same-correction-arrest.sh: Detect the user repeating the same correction N=3 times in a session, then require a written plan before further Write/Edit. Operationalizes the model's own self-diagnosis in #60506 ("I have no drift detector"), grounded in the recognition-without-arrest framework from #60226.
  • closure-word-verify-gate.sh: Stop hook that scans the assistant's outgoing turn for closure words ("done", "shipped", "complete", "bitti", "finished") and refuses Stop unless a verification command (test runner, Playwright, curl) ran in the same turn. Implements customer recommendation #4 from #60506: "two hours after the rule I said 'bitti' again, without opening the browser"_.
  • redundant-read-blocker.sh: PreToolUse hook on Read that detects when the model is about to re-read a file already read in the same session (with the same mtime). Operationalizes #60283 ("excessive token consumption — task halted mid-execution with zero output") and the broader quota-leakage cluster (analysis, audit tool). Default mode warns; strict mode refuses the call.
  • commit-quality-gate.sh: Warn on vague commit messages ("update code"), long subjects, mega-commits
  • session-handoff.sh: Auto-save git state and session info to ~/.claude/session-handoff.md on session end
  • diff-size-guard.sh: Warn/block when committing too many files at once (default: warn at 10, block at 50)
  • dependency-audit.sh: Warn when installing packages not in manifest (npm/pip/cargo supply chain awareness)
  • env-source-guard.sh: Block sourcing .env files into shell environment (#401)
  • symlink-guard.sh: Detect symlink/junction traversal in rm targets (#36339 #764)
  • no-sudo-guard.sh: Block all sudo commands
  • no-install-global.sh: Block npm -g and system-wide pip
  • no-curl-upload.sh: Warn on curl POST/upload (data exfiltration)
  • no-port-bind.sh: Warn on network port binding
  • git-tag-guard.sh: Block pushing all tags at once
  • npm-publish-guard.sh: Version check before npm publish
  • max-file-count-guard.sh: Warn when 20+ new files created per session
  • protect-claudemd.sh: Block edits to CLAUDE.md and settings files
  • reinject-claudemd.sh: Re-inject CLAUDE.md rules after compaction (#6354)
  • binary-file-guard.sh: Warn when Write targets binary file types (images, archives)
  • stale-branch-guard.sh: Warn when working branch is far behind default
  • cost-tracker.sh: Estimate session token cost and warn at thresholds ($1, $5)
  • read-before-edit.sh: Warn when editing files not recently read (prevents old_string mismatches)
  • windows-python-stub-detector.sh: SessionStart probe that surfaces the Microsoft Store python3 stub on Windows Git Bash — which python3 succeeds but subprocess exits 49 with no output, silently no-op-ing every Python-based hook. Matches four failure modes (exit 49 / Store-redirect stderr / exit 127 / silent stub) and warns via hookSpecificOutput (#57946)

Migration Guide

MIGRATION.md: Step-by-step guide for moving from permissions-only to permissions + hooks. Keep your existing config, add safety layers on top.

Configuration

VariableHookDefault
CC_ALLOW_DESTRUCTIVE=1destructive-guard0 (protection on)
CC_SAFE_DELETE_DIRSdestructive-guardnode_modules:dist:build:.cache:__pycache__:coverage
CC_PROTECT_BRANCHESbranch-guardmain:master
CC_ALLOW_FORCE_PUSH=1branch-guard0 (protection on)
CC_SECRET_PATTERNSsecret-guard.env:.env.local:credentials:*.pem:*.key
CC_CONTEXT_MISSION_FILEcontext-monitor$HOME/mission.md

settings.json Reference

SETTINGS_REFERENCE.md: Complete reference for permissions, hooks, modes, and common configurations. Includes known limitations and workarounds.

Plugin Marketplace

Install safety hooks as Claude Code plugins, no npm required:

/plugin marketplace add yurukusa/cc-safe-setup
/plugin install safety-essentials@cc-safe-setup
PluginWhat it blocks
safety-essentialsrm -rf, force-push, hard-reset, .env overwrite, npm publish
git-protectionForce-push, main/master push, git clean, branch -D
credential-guard.env write/edit, API keys in commands, service account files

Also listed on claudemarketplaces.com.

CI Integration (GitHub Action)

```yaml

.github/workflows/safety.yml

- uses: yurukusa/cc-safe-setup@main with: threshold: 70 # CI fails if score drops below this ```

Troubleshooting

TROUBLESHOOTING.md: "Hook doesn't work" → step-by-step diagnosis. Covers every common failure pattern.

FAQ

Q: I installed hooks but Claude says "Unknown skill: claude-code-hooks:setup"

cc-safe-setup installs hooks, not skills or plugins. Hooks run automatically in the background, you don't invoke them manually. After install + restart, try running a dangerous command; the hook will block it silently.

Q: cc-health-check says to run cc-safe-setup but I already did

cc-safe-setup covers Safety Guards (75-100%) and Monitoring (context-monitor). The other health check dimensions (Code Quality, Recovery, Coordination) require additional CLAUDE.md configuration or manual hook installation from claude-code-hooks.

Q: Will hooks slow down Claude Code?

No. Each hook runs in ~10ms. They only fire on specific events (before tool use, after edits, on stop). No polling, no background processes.

**Q: My permission p

🎯 aiskill88 AI 点评 A 级 2026-05-23

该工具提供了一种简单的方式来提高AI安全性,适用于Claude Code等AI系统,但需要进一步测试和优化

⚡ 核心功能
👥 适合人群
Claude Desktop / Claude Code 用户AI 工具开发者需要扩展 AI 能力的专业人士自动化工程师
🎯 使用场景
  • 在 Claude Desktop 对话中直接调用本地工具,实现 AI 与系统的深度联动
  • 通过自然语言驱动复杂的多步骤自动化任务,代替繁琐手动操作
  • 将多个 MCP 工具组合使用,构建个人专属 AI 工作站
⚖️ 优点与不足
✅ 优点
  • +标准化 MCP 协议,生态互联性强
  • +与 Claude 官方生态无缝对接
  • +即插即用,配置简单快捷
⚠️ 不足
  • 未明确开源协议,商用场景需谨慎评估
  • 依赖 Claude 客户端,非 Claude 用户无法使用
  • MCP 协议仍在持续演进,接口可能变更
  • 需要一定的配置步骤
⚠️ 使用须知

该工具未明确声明开源协议,商业使用前请联系原作者确认授权范围,避免侵权风险。

AI Skill Hub 为第三方内容聚合平台,本页面信息基于公开数据整理,不对工具功能和质量作任何法律背书。

建议在沙箱或测试环境中充分验证后,再部署至生产环境,并做好必要的安全评估。

🔗 相关工具推荐
MCP 服务器资源汇总
精心策划的Model Context Protocol服务器列表,汇集AI工具生态中的优质MCP服务实现。面向Claud
Composio智能工具编排平台
MCP工具
Context7代码文档平台
MCP工具
AI工程师中心
MCP工具
🧩 你可能还需要
基于当前 Skill 的能力图谱,自动补全的工具组合
natively-cluely-ai-assistant — Claude Skill 中文使用文档
免费开源的AI面试助手,实时转录,隐蔽模式,局部RAG,BYOK。无订阅,防止数据泄露。
开源AI工具:RAG知识库系统
基于Vue.js前端的RAG知识库系统,提供高效的知识检索和生成功能,助力AI应用开发
LEANN AI技能包
MCP · Agent · 工作流
MassGen多智能体系统
MCP · Agent · 工作流
kb-arena开源AI工作流
kb-arena是开源的AI工作流,用于Benchmark 9 retrieval architectures(向量、上下文、QnA、知识图
agent-fleet-o MCP工具
本连为服务给的常用的模式,当前为常用的常用的模式。
❓ 常见问题 FAQ
使用One命令
💡 AI Skill Hub 点评

总体来看,开源MCP工具 是一款质量良好的MCP工具,在同类工具中具备一定竞争力。AI Skill Hub 将持续追踪其更新动态,建议收藏备用,结合自身场景选择合适时机引入使用。

⬇️ 获取与下载
⚠️ 该工具未声明开源协议,不提供直接下载。请访问原项目了解使用条款。
📚 深入学习 开源MCP工具
查看分步骤安装教程和完整使用指南,快速上手这款工具
⚙️ 安装教程 📚 使用教程
🌐 原始信息
原始名称 cc-safe-setup
Topics mcpagentic-codingai-safetyanthropicautomationautonomousshell
GitHub https://github.com/yurukusa/cc-safe-setup
语言 Shell
🔗 原始来源
🐙 GitHub 仓库  https://github.com/yurukusa/cc-safe-setup 🌐 官方网站  https://yurukusa.github.io/cc-safe-setup/

收录时间:2026-05-23 · 更新时间:2026-05-23 · License:未公布 · AI Skill Hub 不对第三方内容的准确性作法律背书。