Skills bash-defensive-patterns
🛡️

bash-defensive-patterns

Safe 🌐 Network access📁 Filesystem access⚙️ External commands

Build safer Bash scripts

Write Bash scripts that fail safely and are easier to debug. This skill provides defensive patterns for errors, inputs, and cleanup.

Supports: Claude Codex Code(CC)
📊 69 Adequate
1

Download the skill ZIP

2

Upload in Claude

Go to Settings → Capabilities → Skills → Upload skill

3

Toggle on and start using

Test it

Using "bash-defensive-patterns". Explain how to add strict mode and cleanup to my script

Expected outcome:

  • Enable strict mode with set -Eeuo pipefail
  • Add an ERR trap that prints the failing line
  • Create a temp directory with mktemp -d
  • Use an EXIT trap to remove the temp directory

Using "bash-defensive-patterns". How do I safely parse command line arguments in Bash

Expected outcome:

  • Use a while loop with case statements for option parsing
  • Quote all variables including $1 and $2
  • Validate required arguments after parsing
  • Show usage help for -h or unknown options

Using "bash-defensive-patterns". Show me a safe way to run background tasks

Expected outcome:

  • Store PIDs in an array when starting background jobs
  • Create a cleanup function that sends SIGTERM to tracked PIDs
  • Trap SIGTERM and SIGINT to call cleanup
  • Use wait to join all background processes

Security Audit

Safe
v4 • 1/17/2026

Pure documentation skill containing only instructional markdown and code examples. No executable scripts, file system access, network calls, or data collection capabilities. Content matches stated purpose of teaching defensive Bash programming patterns. All 116 static findings are FALSE POSITIVES - the flagged patterns are the TOPIC being taught, not malicious code.

2
Files scanned
711
Lines analyzed
3
findings
4
Total audits

Risk Factors

🌐 Network access (4)
skill-report.json:6 SKILL.md:531 SKILL.md:532 SKILL.md:533
📁 Filesystem access (9)
skill-report.json:127 SKILL.md:286 SKILL.md:287 SKILL.md:293 SKILL.md:498 SKILL.md:47 SKILL.md:165 SKILL.md:351 SKILL.md:522
⚙️ External commands (78)
SKILL.md:26-29 SKILL.md:29-32 SKILL.md:32-33 SKILL.md:33-34 SKILL.md:34-35 SKILL.md:35-40 SKILL.md:40-49 SKILL.md:49-54 SKILL.md:54-63 SKILL.md:63-68 SKILL.md:68-79 SKILL.md:79-82 SKILL.md:82 SKILL.md:82-84 SKILL.md:84-99 SKILL.md:99-105 SKILL.md:105-114 SKILL.md:114-118 SKILL.md:118-154 SKILL.md:154-158 SKILL.md:158-175 SKILL.md:175-179 SKILL.md:179-238 SKILL.md:238-242 SKILL.md:242-270 SKILL.md:270-274 SKILL.md:274-308 SKILL.md:308-312 SKILL.md:312-359 SKILL.md:359-363 SKILL.md:363-398 SKILL.md:398-402 SKILL.md:402-423 SKILL.md:423-427 SKILL.md:427-446 SKILL.md:446-452 SKILL.md:452-485 SKILL.md:485-489 SKILL.md:489-510 SKILL.md:510-514 SKILL.md:514-515 SKILL.md:515-526 SKILL.md:526 SKILL.md:47 SKILL.md:87 SKILL.md:92 SKILL.md:110 SKILL.md:111 SKILL.md:165 SKILL.md:248 SKILL.md:252 SKILL.md:256 SKILL.md:261 SKILL.md:351 SKILL.md:407 SKILL.md:408 SKILL.md:411 SKILL.md:40-49 SKILL.md:84-99 SKILL.md:105-114 SKILL.md:158-175 SKILL.md:242-270 SKILL.md:312-359 SKILL.md:402-423 SKILL.md:27 SKILL.md:41 SKILL.md:106 SKILL.md:119 SKILL.md:159 SKILL.md:180 SKILL.md:243 SKILL.md:275 SKILL.md:313 SKILL.md:364 SKILL.md:403 SKILL.md:428 SKILL.md:453 SKILL.md:490
Audited by: claude View Audit History →

Quality Score

38
Architecture
100
Maintainability
85
Content
21
Community
100
Security
87
Spec Compliance

What You Can Build

Harden CI scripts

Apply strict mode, traps, and safe file handling to reduce pipeline failures.

Safer maintenance scripts

Build idempotent system scripts with logging and cleanup patterns.

Reliable utilities

Add input validation and dry run support to team utilities.

Try These Prompts

Strict mode setup 
Create a Bash script header with strict mode, error traps, and a cleanup handler for temporary files.
Parse arguments 
Show a robust argument parser with --verbose, --dry-run, and --output, plus validation.
Safe file ops 
Provide safe move and safe delete functions with clear error messages.
Process orchestration 
Give a pattern to start background jobs, track PIDs, and cleanly stop on SIGTERM.

Best Practices

  • Enable strict mode and inherit ERR traps
  • Quote all variables and validate inputs
  • Use traps for cleanup and clear error messages

Avoid

  • Using unquoted variables in file operations
  • Ignoring command failures in pipelines
  • Overwriting files without existence checks

Frequently Asked Questions

Is this compatible with macOS and Linux?
Yes, examples target Bash on common macOS and Linux environments.
Does it support POSIX sh?
No, many examples use Bash specific features.
Can I integrate this into CI pipelines?
Yes, the patterns are designed for CI and automation scripts.
Does it access my files or secrets?
No, it only provides guidance and code patterns.
What if strict mode breaks my script?
Review unset variables and failing commands, then add checks or defaults.
How does this compare to a linter?
It provides patterns and examples, not automated linting.

Developer Details

Author

wshobson

License

MIT

Repository

https://github.com/wshobson/agents/tree/main/plugins/shell-scripting/skills/bash-defensive-patterns

Ref

main

File structure

📄 SKILL.md