Skip to main content
This guide gets CC Safety Net installed, verified, and producing a real blocked command in minutes. It works the same way across every supported agent — Claude Code, Codex, Gemini CLI, GitHub Copilot CLI, Kimi Code, OpenCode, and Pi — so the steps below are agent-neutral.
1

Install CC Safety Net for your agent

Each agent has its own install method (plugin marketplace, extension, config write, or package install). Follow the step for your agent on the Installation page, then come back here.That page is the single source of truth for install commands — this guide avoids duplicating them so the instructions can’t drift out of sync.
2

Verify the installation

Run the doctor command to confirm CC Safety Net is wired in and blocking commands for your agent:
npx cc-safety-net doctor
It checks every supported agent at once, so you don’t need to tell it which one you use. A clean run prints a green checkmark next to each item — hook integration, a self-test that confirms blocking works (git reset --hard and rm -rf / blocked; rm -rf ./node_modules allowed), custom-rule validation, and more. See the doctor command reference for the full list of checks.If anything fails, the output explains what went wrong and how to fix it.
3

See a real block

With CC Safety Net active, ask your agent to run these two commands and observe the difference:
# Should be BLOCKED — discards uncommitted changes permanently
git checkout -- README.md

# Should be ALLOWED — creates a new branch, no data loss
git checkout -b test-branch
When CC Safety Net blocks the first command, your agent receives a structured block message (see below) and is instructed to ask you for explicit permission before trying anything similar again. The second command runs normally.

What a Block Looks Like

When CC Safety Net intercepts a destructive command, it returns a message like this to your agent: 
BLOCKED by CC Safety Net

Reason: git checkout -- discards uncommitted changes permanently. Use 'git stash' first.

Command: git checkout -- src/main.py

If this operation is truly needed, ask the user for explicit permission and have them run the command manually.
Your agent sees this message instead of executing the command. It will typically explain what happened, suggest a safer alternative, and ask you whether you want to proceed manually.

Next Steps

Explore Modes

Learn about Default, Strict, Paranoid, and Worktree modes and when to use each one.

Custom Rules

Define your own blocking rules at the project or user level to enforce team conventions.

Blocked Commands

Browse the full list of commands CC Safety Net blocks by default and the reasoning behind each.

How It Works

Go deeper on semantic command analysis, shell wrapper detection, and the hook lifecycle.