| name | external-system-safety |
| description | Enforces confirmation workflow for EXTERNAL system writes (Jira, Confluence, BitBucket, Slack) ONLY. NEVER activates for Linear operations (Linear is internal tracking). Auto-activates when detecting potential writes to external PM systems (status updates, page creation, PR posts, notifications). Blocks execution and displays exact content that will be written. Requires explicit "yes" confirmation (rejects "ok", "sure", ambiguous responses). All Linear operations execute automatically without confirmation. Works alongside ccpm-code-review to ensure quality before external broadcasts. Provides audit trail of all confirmed operations. Allows batch operations with granular per-item confirmation when needed. |
| allowed-tools | read-file, grep, browser |
External System Safety Guardrails
This skill provides automatic safety enforcement for all operations involving external project management systems.
⚠️ CRITICAL: Linear Exclusion
DO NOT activate this skill for Linear operations. Linear is CCPM's internal tracking system.
NEVER ask for confirmation when:
- Creating Linear issues
- Updating Linear issue descriptions, status, labels, or assignments
- Adding comments to Linear issues
- Any other Linear MCP operations
This skill ONLY applies to EXTERNAL systems: Jira, Confluence, BitBucket, Slack, etc.
Instructions
⛔ ABSOLUTE RULES - NEVER VIOLATED
Before ANY write operation to EXTERNAL systems (NOT Linear), you MUST follow this confirmation workflow.
1. Detect External System Write Operations
Jira:
- Creating new issues or epics
- Updating issue status or fields
- Posting comments
- Changing assignees or labels
- Transitioning workflow states
Confluence:
- Creating new pages
- Editing existing pages
- Adding comments
- Updating page properties
- Deleting content
BitBucket:
- Creating pull requests
- Posting PR comments
- Approving or declining PRs
- Updating PR metadata
- Merging PRs
Slack:
- Sending messages to channels
- Posting notifications
- Updating channel topics
- Creating new channels
- Direct messages
2. STOP and Display Intent
When you detect a potential write operation:
⚠️ EXTERNAL SYSTEM WRITE DETECTED
System: [Jira/Confluence/BitBucket/Slack]
Operation: [Create/Update/Delete/Post]
Target: [Specific item/location]
Details:
---
[Exact content that will be written/posted]
---
This will modify external systems. Proceed? (yes/no)
3. Wait for Explicit Confirmation
Acceptable confirmations:
- "yes"
- "confirm"
- "proceed"
- "go ahead"
- "do it"
NOT acceptable (require re-confirmation):
- Silence
- "ok" (too ambiguous)
- "sure" (too casual)
- Any other response
4. Only Then Execute
After receiving explicit "yes" or equivalent:
- Execute the operation
- Log what was done
- Provide confirmation of success
- Show link to updated item if available
Examples
Example 1: Jira Status Update
User: "Update Jira ticket ABC-123 to Done"
Claude: ⚠️ EXTERNAL SYSTEM WRITE DETECTED
System: Jira
Operation: Update Status
Target: ABC-123
Details:
---
Status: In Progress → Done
---
This will modify external systems. Proceed? (yes/no)
User: yes
Claude: ✅ Updated Jira ABC-123 status to Done
Link: https://jira.company.com/browse/ABC-123
Example 2: Confluence Page Creation
User: "Create a Confluence page documenting the new API"
Claude: ⚠️ EXTERNAL SYSTEM WRITE DETECTED
System: Confluence
Operation: Create Page
Target: Engineering Space
Details:
---
Title: "New Payment API Documentation"
Parent: API Documentation
Content: [First 200 characters of content...]
---
This will modify external systems. Proceed? (yes/no)
User: no, not yet
Claude: Understood. I won't create the Confluence page. Let me know when you're ready.
Example 3: Slack Notification
User: "Let the team know the feature is deployed"
Claude: ⚠️ EXTERNAL SYSTEM WRITE DETECTED
System: Slack
Operation: Post Message
Target: #engineering channel
Details:
---
Message: "✅ Payment gateway integration deployed to production. All tests passing."
---
This will modify external systems. Proceed? (yes/no)
User: yes
Claude: ✅ Posted message to #engineering
Example 4: Multiple Operations
User: "Update Jira to Done and notify the team on Slack"
Claude: ⚠️ EXTERNAL SYSTEM WRITE DETECTED
I need to perform 2 write operations:
1. Jira - Update Status
Target: ABC-123
Change: In Progress → Done
2. Slack - Post Message
Target: #engineering
Message: "Task ABC-123 completed"
Proceed with both? (yes/no)
User: only the jira update
Claude: Got it. I'll update Jira ABC-123 but skip the Slack notification.
⚠️ Confirming: Update Jira ABC-123 to Done? (yes/no)
User: yes
Claude: ✅ Updated Jira ABC-123 to Done
❌ Skipped Slack notification as requested
Always Allowed (No Confirmation Needed)
The following operations NEVER require confirmation:
✅ Read operations:
- Fetching Jira issues
- Searching Confluence pages
- Viewing BitBucket PRs
- Reading Slack message history
- Querying any external system
✅ Linear operations:
- All Linear operations (internal tracking)
- Creating/updating Linear issues
- Adding comments to Linear
- Changing Linear status
✅ Local file operations:
- Reading/writing files in .claude/ directory
- Editing codebase files
- Creating local documentation
- Git operations (commit, branch, etc.)
✅ Code operations:
- Writing production code
- Writing tests
- Running builds
- Executing tests
Special Cases
Case 1: User Explicitly Says "Without Confirmation"
If user explicitly requests bypassing confirmation:
User: "Update Jira ABC-123 to Done without asking me"
Still require ONE confirmation for safety:
Claude: I understand you want to skip confirmations, but for safety I need ONE confirmation:
Update Jira ABC-123 to Done? (yes/no)
[After yes, you can skip future confirmations in this session if user requests]
Case 2: Batch Operations
For multiple similar operations:
User: "Update all 5 tickets to Done"
Claude: ⚠️ EXTERNAL SYSTEM WRITE DETECTED
Batch operation: Update 5 Jira tickets to Done
- ABC-123
- ABC-124
- ABC-125
- ABC-126
- ABC-127
Proceed with all? (yes/no/show details)
User: yes
Claude: ✅ Updated all 5 tickets to Done
Case 3: User Seems Confused
If user response is unclear:
User: "maybe"
User: "I guess"
User: "if you think so"
Claude: I need explicit confirmation. Please respond with "yes" to proceed or "no" to cancel.
Integration with CCPM Commands
This skill works alongside CCPM commands that write to external systems:
Commands that trigger this skill:
- /ccpm:done (creates BitBucket PR, sends Slack notification)
- /ccpm:sync (updates Jira status)
- Any command with external system integration
How it works:
- User invokes command
- Command prepares to write to external system
- This skill auto-activates
- Confirmation workflow runs
- Only after "yes" does command proceed
Error Handling
If external system write fails after confirmation:
Claude: ⚠️ Write operation failed
System: Jira
Error: "Insufficient permissions to update ABC-123"
Possible solutions:
1. Check your Jira permissions
2. Ensure you're on the correct project
3. Verify the ticket exists
Would you like me to retry? (yes/no)
Audit Trail
After any confirmed external write:
Claude: ✅ Operation completed
Audit trail:
- Timestamp: 2025-11-19 14:32:15 UTC
- System: Jira
- Operation: Update Status
- Target: ABC-123
- User confirmed: Yes
- Result: Success
Logged to: .claude/audit-log.json
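The confirmation workflow (steps 1 to 4 above) and the audit record can also be enforced outside the prompt as a deterministic gate. The sketch below is an added example, not CCPM's own code: the function names, the `execute` callable and the record's key names are assumptions, and it treats any non-read verb on an external system as a write so that unknown operations fail closed.

```python
import json
from datetime import datetime, timezone

# Names come from the skill text; Linear is deliberately not listed.
EXTERNAL_SYSTEMS = {"jira", "confluence", "bitbucket", "slack"}
READ_OPS = {"fetch", "search", "view", "read", "query"}
ACCEPTED = {"yes", "confirm", "proceed", "go ahead", "do it"}


def requires_confirmation(system, operation):
    """External system + anything that is not a known read => must confirm."""
    verb = (operation.split() or [""])[0].lower()
    return system.lower() in EXTERNAL_SYSTEMS and verb not in READ_OPS


def is_explicit_confirmation(reply):
    """Whole-reply match only; silence, "ok", "sure" and the rest are rejected."""
    # Substring matching would accept "no, don't proceed"; exact matching does not.
    return bool(reply) and reply.strip().lower().rstrip(".!") in ACCEPTED


def gated_write(system, operation, target, reply, execute):
    """Call execute() (hypothetical callable doing the real write) only after an
    explicit confirmation, and return an audit record either way."""
    needs = requires_confirmation(system, operation)
    confirmed = is_explicit_confirmation(reply) if needs else None
    record = {
        "timestamp": datetime.now(timezone.utc).strftime("%Y-%m-%d %H:%M:%S UTC"),
        "system": system, "operation": operation, "target": target,
        "user_confirmed": confirmed, "result": "blocked",
    }
    if needs and not confirmed:
        return record  # fail closed: nothing was executed
    try:
        execute()
        record["result"] = "success"
    except Exception as exc:  # report the failure instead of hiding it
        record["result"] = f"failed: {exc}"
    return record


if __name__ == "__main__":
    print(json.dumps(gated_write("Jira", "Update Status", "ABC-123", "ok", lambda: None)))
```

Blocked and failed attempts produce a record as well, which makes the log useful for spotting writes that were attempted without a valid confirmation.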
Why This Skill Exists
Problem: Easy to accidentally write to external systems when:
- Using agents that bypass command safety checks
- Misunderstanding what a command does
- Quickly testing a workflow
- Copy-pasting commands without reading
Solution: This skill provides an automatic safety layer:
- ✅ Works even when using agents directly
- ✅ Catches writes regardless of how they're initiated
- ✅ Provides clear "what will happen" preview
- ✅ Gives user final control before execution
Complements existing safety:
- Commands have built-in safety rules (SAFETY_RULES.md)
- This skill adds automatic detection layer
- Works together for defense-in-depth
Reference
For complete safety rules, see: ~/.claude/plugins/ccpm/commands/SAFETY_RULES.md