I've been running Claude Code autonomously for 200+ hours. Built hooks, wrote CLAUDE.md, set up a multi-agent system where two AIs consult each other while I sleep.
I assumed my setup was solid.
Then I wrote a 10-item diagnostic script and ran it on my own environment. Two items were red.
The 10 Things That Can Go Wrong
These aren't theoretical. Each one came from a real failure during autonomous operation:
- No CLAUDE.md — The AI has no persistent instructions. Every session starts from scratch.
- No hooks installed — No automated checks run after tool calls. Errors go unnoticed.
- No dangerous command protection — rm -rf, git reset --hard execute without warning. Replit's AI deleted a production database in 2025.
- No git auto-backup — No automatic branch creation before risky changes. One bad edit and you're recovering from reflog.
- No session state saving — When context runs out, all progress disappears. No checkpoint, no handoff notes.
- No external action gate — The AI can push code, post comments, send messages without approval.
- No error tracking — Errors happen, get fixed with a band-aid, and the root cause is never recorded.
- No secrets in .gitignore — .env, credentials, API keys sitting in the repo, one git push from public.
- No settings.json — Claude Code's permission system isn't configured. Default behavior may not match your expectations.
- Risky operations in git history — git reset --hard or git clean -fd in your reflog means it happened at least once.
Each item has a weight (1-3 points). Total possible score: 19.
My Results
I ran the scan on my main project directory:
Risk Score: 2/19 (MODERATE)
Two items were red: .gitignore didn't have secret patterns, and git auto-backup wasn't hooked up. Everything else passed — because I'd already spent months building the hooks.
But here's the thing: I built those hooks after the accidents happened. The dangerous command hook exists because Claude Code ran rm -rf on a project directory. The context monitor exists because a session died at 3% context with no checkpoint.
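The check at the core of a dangerous-command hook like the one described above, as an added example (not the author's hook and not the gist's code): the hypothetical function check_command takes the command string an agent is about to run and flags rm with recursive and force flags, git reset --hard, and git clean with a force flag, including split flags, absolute paths and chained commands. How the string reaches the function (the hook wrapper) is assumed and left out.

```shell
# Added example, not the gist's code. check_command "<command string>" returns
# 0 to allow, 2 to block (reason on stderr). Quotes and subshells are not parsed.
check_command() {
    # Make ; & | && || and newlines a lone ";" token so chained commands split.
    _norm=$(printf '%s\n' "$1" | tr '\n' ';' | sed 's/[;&|]\{1,\}/ ; /g')
    set -f; set -- $_norm; set +f          # word-split without globbing
    _prog='' _sub='' _why='' _skip=0 _rec=0 _force=0 _hard=0
    for _t in "$@" ';'; do
        if [ "$_t" = ';' ]; then           # end of one simple command: judge it
            case "$_prog:$_sub:$_rec$_force$_hard" in
                rm:*:11?)      _why='rm with recursive and force flags' ;;
                git:reset:??1) _why='git reset --hard' ;;
                git:clean:?1?) _why='git clean with a force flag' ;;
            esac
            if [ -n "$_why" ]; then echo "blocked: $_why" >&2; return 2; fi
            _prog='' _sub='' _why='' _skip=0 _rec=0 _force=0 _hard=0
        elif [ -z "$_prog" ]; then
            case "$_t" in
                *=*|-*|sudo|command|env|nohup|time) ;;  # assignment/wrapper: keep looking
                *) _prog=${_t##*/} ;;                   # /bin/rm -> rm
            esac
        elif [ "$_prog" = rm ]; then
            case "$_t" in
                --recursive) _rec=1 ;;
                --force)     _force=1 ;;
                --*) ;;
                -*) case "$_t" in *[rR]*) _rec=1 ;; esac
                    case "$_t" in *f*) _force=1 ;; esac ;;
            esac
        elif [ "$_prog" = git ]; then
            if [ "$_skip" = 1 ]; then _skip=0  # this token is the value of -C / -c
            elif [ -z "$_sub" ]; then
                case "$_t" in
                    -C|-c) _skip=1 ;;
                    -*) ;;
                    *) _sub=$_t ;;
                esac
            else
                case "$_t" in
                    --hard)  _hard=1 ;;
                    --force) _force=1 ;;
                    --*) ;;
                    -*f*)    _force=1 ;;
                esac
            fi
        fi
    done
    return 0
}
```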
What a Fresh Setup Looks Like
On a clean machine with no hooks, no CLAUDE.md, no configuration:
Risk Score: 16/19 (CRITICAL)
9 out of 10 items fail. The only thing that passes is "no risky operations in git reflog" — because nothing has happened yet.
What Changes After the Fix
The diagnostic has a --fix flag that installs 4 free safety hooks:
curl -sL https://gist.githubusercontent.com/yurukusa/10c76edee0072e2f08500dd43da30bc3/raw/risk-score.sh | bash -s -- --fix
After running it:
Risk Score: 7/19 (HIGH)
Improved by 9 points.
Before: 16/19 (CRITICAL)
After: 7/19 (HIGH)
The free hooks cover: CLAUDE.md creation, hook installation, dangerous command detection, and settings.json setup. The remaining items (git backup, session saving, external gates, error tracking, .gitignore, reflog history) need additional configuration.
Try It
Run the scan (read-only, nothing installed):
curl -sL https://gist.githubusercontent.com/yurukusa/10c76edee0072e2f08500dd43da30bc3/raw/risk-score.sh | bash
10 seconds. Runs locally. No data sent anywhere. Source code on GitHub.
If you want to fix what it finds:
curl -sL https://gist.githubusercontent.com/yurukusa/10c76edee0072e2f08500dd43da30bc3/raw/risk-score.sh | bash -s -- --fix
Existing files are never overwritten.
More Resources
- 10-item self-check (manual version) — Read through each item with examples
- CLAUDE.md Generator — Answer 8 questions, get a tailored config
- 4 Free Safety Hooks — Context monitoring, syntax checking, decision warnings, autonomous operation
The free hooks handle the basics. If you're running extended autonomous sessions with multiple agents, the CC-Codex Ops Kit adds multi-agent relay, stall detection, watchdog processes, and a task queue system — the infrastructure for sessions that run while you're away.