mdpact

tools/destructive-no-confirm

severity: errorcategory: toolsfixable: no

A destructive action is described without any confirmation / human-gate language nearby.

tools/destructive-no-confirm

Severity: error Category: tools Fixable: no

What it catches

A directive that names a destructive verb (delete, drop, deploy, release, send, purge, reset, etc.) without any confirmation / human-gate language ("confirm", "ask", "review", "approval", "dry run") nearby.

Why it matters

Agents will execute tool calls when the rule says to. A spec that says "delete the staging bucket every Monday" with no confirmation language will do exactly that — and any misclassification of a task as Monday-shaped costs you a bucket. Destructive operations should always have an explicit gate in the spec, so the agent has an unambiguous place to stop and ask.

Example — bad

- Delete expired users nightly.

Example — good

- Delete expired users nightly — but first, dry-run the query and ask for approval in #ops.
good.md
---
version: 1
owner: team
---

# Spec

- You must delete expired users nightly, but always dry-run the query first and wait for human approval in #ops.
bad.md
---
version: 1
owner: team
---

# Spec

- Always delete expired users nightly.