Safety Levels

Caro includes a comprehensive safety system that validates all generated commands before execution. This page explains how safety validation works and how to configure it for your needs.

How Safety Validation Works

Every command generated by Caro goes through multiple validation steps:

  1. Pattern Matching - Checks against known dangerous command patterns
  2. Risk Assessment - Evaluates the potential impact of the command
  3. POSIX Compliance - Verifies the command uses standard utilities
  4. Path Validation - Checks for operations on protected system paths

Risk Levels

Commands are classified into four risk levels:

Safe

Commands that only read data or have no lasting effects. These execute without confirmation. 

ls -la
cat file.txt
pwd
date

Moderate

Commands that modify user data but are generally reversible. May require confirmation depending on safety level. 

mv file.txt backup/
cp -r src/ dest/
git commit -m "message"

High

Commands that can cause significant data loss or system changes. Require confirmation in moderate and strict modes. 

rm -rf directory/
chmod -R 777 folder/
sudo apt-get remove package

Critical

Commands that could damage the system or cause irreversible data loss. Blocked in strict and moderate modes. 

rm -rf /
mkfs.ext4 /dev/sda
dd if=/dev/zero of=/dev/sda

Safety Levels

Strict

Maximum protection for production systems and sensitive data:

  • Blocks: High and Critical risk commands
  • Confirms: Moderate risk commands
  • Allows: Safe commands
$ caro --safety strict "delete all log files"

Moderate (Default)

Balanced protection for everyday use:

  • Blocks: Critical risk commands
  • Confirms: High risk commands
  • Allows: Safe and Moderate commands
$ caro --safety moderate "cleanup temp files"

Permissive

Minimal restrictions for experienced users:

  • Blocks: Nothing (only warns)
  • Confirms: Critical risk commands
  • Allows: All other commands with warnings
$ caro --safety permissive "format disk"
Warning Permissive mode should only be used when you fully understand the risks and are working in a safe environment like a VM or container.

Dangerous Command Patterns

Caro blocks or warns about these known dangerous patterns:

Filesystem Destruction

  • rm -rf / - Remove root filesystem
  • rm -rf ~ - Remove home directory
  • rm -rf /* - Remove all files

Disk Operations

  • mkfs.* - Format disk
  • dd if=/dev/zero - Overwrite with zeros
  • fdisk - Modify partitions

System Paths

  • /bin, /sbin - System binaries
  • /usr - User programs
  • /etc - System configuration
  • /boot - Boot files

Other Dangerous Patterns

  • Fork bombs: :(){ :|:& };:
  • Recursive chmod: chmod -R 777 /
  • Hidden sudo: Commands that escalate privileges unexpectedly

Bypassing Safety (Use with Caution)

The --confirm flag bypasses confirmation prompts. Use only when you're certain about the command: 

# Skip confirmation (dangerous!)
$ caro --confirm "remove all temp files"
Danger Never use --confirm with commands you haven't reviewed. Never use it in automated scripts without careful review.

Best Practices

  • Use strict mode on production systems
  • Use moderate mode for daily development
  • Use permissive mode only in isolated environments
  • Always review commands before execution
  • Use --dry-run to preview dangerous operations