An example of the deliverable shipped every month on the cc-safe-setup for Teams (Org Guard) tier.
| Organization (fictional) | Acme Corp — Product Engineering |
|---|---|
| Reporting period | 1–31 May 2026 |
| Repositories covered | 8 repos (entire GitHub organization) |
| Developers covered | 23 (ran Claude Code in the last 30 days) |
| Intended for | Security owner / SOC2 evidence / customer security questionnaires |
| Method | Aggregated from npx cc-safe-setup --audit --json per repo plus hook-log analysis (no manual entry) |
The organization's posture this month, aggregated from every repository's safety score (0–100). It's based on the hooks that are actually in effect per repo, checked mechanically — not on "we think we configured it".
Your real risk is set by the least-protected repo (the one nobody configured decides the org's effective exposure). This month legacy-billing and data-pipeline are below baseline; the remediation roadmap is in section 6.
| Repository | Score | Grade | Crit | High | vs last mo. |
|---|---|---|---|---|---|
| web-frontend | 95 | A | 0 | 0 | ▲ +3 |
| api-core | 92 | A | 0 | 1 | ▲ +8 |
| auth-service | 88 | B | 0 | 1 | ― 0 |
| mobile-app | 83 | B | 0 | 2 | ▲ +5 |
| internal-tools | 80 | B | 0 | 2 | ▲ +12 |
| infra-terraform | 74 | C | 0 | 3 | ― 0 |
| data-pipeline | 52 | C | 1 | 3 | ▼ −4 |
| legacy-billing | 38 | F | 2 | 2 | ▼ −6 |
Grades: A (80+) / B (60+) / C (40+) / F (below 40). Crit and High are counts of open findings at that severity.
Every month we ship a signed rule pack built from newly reported destructive incidents. Each rule is tied to a real, numbered incident and rolled into every repo's baseline within the month — not a generic checklist, but a fast response to what actually happened. This is the value that compounds over time, and it's built from a corpus only we maintain.
Response to: a helper (subagent) asked to "run 2 commands" rewrote 15 files on its own, including a production migration. At the execution layer this reads agent_id and blocks only subagent-originated writes to high-blast paths (migrations, IaC, .env, production config).
Source incident: #65152 · Applied to: all 8 repos · Severity: Medium
Response to: in auto mode a wildcard delete like *copy* swept up files the user never intended. Blocks absolute-path and home-directory wildcard deletes; lets bounded relative-path deletes through.
Source incident: #64559 · Applied to: all 8 repos · Severity: High
prisma db push --accept-data-loss
Response to: a migration-discard flag wiped production data. Hardened to catch --force-reset and --accept-data-loss reliably, even when they appear after a --schema argument.
Source incident: #14411 · Applied to: data-pipeline · Severity: Critical
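The three rules above, as an added example in JavaScript that is not cc-safe-setup's own code. Each check is a pure function over a hypothetical hook event object; the assumed shape is tool_name, tool_input.command (for Bash) or tool_input.file_path (for file writes), and an agent_id that is present only when a subagent originated the tool call. The high-blast path list, the tool names and the evaluate wrapper are assumptions, and the prisma check generalizes the --schema case to any position in the argument list.

```javascript
// Added example, not cc-safe-setup's own code. Three PreToolUse-style checks that
// mirror the monthly rules above. Assumed (hypothetical) event shape:
//   { tool_name, tool_input: { command?, file_path? }, agent_id? }
// agent_id is assumed to be set only when a subagent runs the tool.

// High-blast paths (assumed list): migrations, IaC, .env files, production config.
const HIGH_BLAST = [
  /(^|\/)migrations\//,
  /\.tf$/,
  /(^|\/)\.env(\.[\w-]+)?$/,
  /(^|\/)config\/production\b/,
];
const WRITE_TOOLS = new Set(['Write', 'Edit', 'MultiEdit']);

// Rule 1: block writes to high-blast paths only when a subagent originated them.
// The main agent's own writes to the same paths are left to the other hooks.
function checkSubagentWrite(ev) {
  if (!ev.agent_id || !WRITE_TOOLS.has(ev.tool_name)) return null;
  const p = (ev.tool_input && ev.tool_input.file_path) || '';
  return HIGH_BLAST.some((re) => re.test(p))
    ? `subagent ${ev.agent_id} tried to write high-blast path ${p}`
    : null;
}

// Split a shell line on && || ; | into simple commands, each as a token array.
function simpleCommands(cmd) {
  return cmd
    .split(/\s*(?:&&|\|\||;|\|)\s*/)
    .map((s) => s.trim().split(/\s+/))
    .filter((t) => t[0]);
}

// Rule 2: block wildcard deletes rooted at / or the home directory; a bounded
// relative-path wildcard delete (e.g. rm -rf build/*copy*) is allowed through.
function checkWildcardDelete(ev) {
  if (ev.tool_name !== 'Bash') return null;
  for (const tokens of simpleCommands(ev.tool_input.command || '')) {
    if (tokens[0] !== 'rm') continue;
    for (const arg of tokens.slice(1)) {
      if (arg.startsWith('-')) continue;       // flags such as -rf
      if (!/[*?]/.test(arg)) continue;         // no glob: not this rule's concern
      if (/^(\/|~|\$HOME)/.test(arg)) return `wildcard delete rooted at ${arg}`;
    }
  }
  return null;
}

// Rule 3: catch prisma's data-loss flags wherever they sit in the argument
// list, including after --schema <file> or --schema=<file>. A prefix regex on
// the raw command string would miss the flag in that position.
const PRISMA_DATA_LOSS = new Set(['--accept-data-loss', '--force-reset']);
function checkPrismaDataLoss(ev) {
  if (ev.tool_name !== 'Bash') return null;
  for (const tokens of simpleCommands(ev.tool_input.command || '')) {
    const i = tokens.indexOf('prisma');        // also matches "npx prisma ..."
    if (i < 0) continue;
    const flag = tokens.slice(i + 1).find((t) => PRISMA_DATA_LOSS.has(t));
    if (flag) return `prisma invoked with ${flag}`;
  }
  return null;
}

// Run every rule; a hook would block the tool call when reasons is non-empty.
function evaluate(ev) {
  const reasons = [checkSubagentWrite, checkWildcardDelete, checkPrismaDataLoss]
    .map((rule) => rule(ev))
    .filter(Boolean);
  return { decision: reasons.length ? 'block' : 'allow', reasons };
}

if (typeof module !== 'undefined') {
  module.exports = { evaluate, checkSubagentWrite, checkWildcardDelete, checkPrismaDataLoss };
}
```

A real hook would read the event from stdin, call evaluate, and exit with the status the hook runner treats as a block, printing the reasons to stderr so the agent sees why. The token-based scan is what makes the prisma rule order-independent, and splitting compound commands first keeps a `cd app && rm -rf ~/*` from hiding behind the leading `cd`.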
We turn "it should be working" into "here's the log". This records drift from the org baseline and how often developers bypassed the safety checks (e.g. committing with --no-verify), per repository.
| Event | Repository | Count | Note |
|---|---|---|---|
| git commit --no-verify (skipped the CI safety gate) | legacy-billing | 7 | Same developer. Worth a conversation. |
| Missing baseline hook (destructive-guard not configured) | legacy-billing | — | Baseline never applied on clone |
| Missing baseline hook (secret-guard not configured) | data-pipeline | — | Config drift. Fixed in section 6. |
| Destructive operations blocked by a hook (working as intended) | all repos | 14 | Of which: recursive deletes 6 · force pushes 5 · .env commits 3 |
The last row is "prevented", not "incidents" — evidence for leadership and customers that the safety investment actually fired.
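The kind of hook-log analysis behind the bypass-audit table above, as an added example that is not cc-safe-setup's own code or log format. It parses a constructed JSON-lines hook log, counts --no-verify commits per repository and notes when they all come from one developer, compares each repo's in-effect hooks against a baseline set to report drift, and totals blocked destructive operations by category. The log schema, the per-repo hook configuration shape, the hook names as config values and every sample value are assumptions.

```javascript
// Added example, not cc-safe-setup's own code. Assumed (hypothetical) log format:
// one JSON object per line with ts, repo, dev, event ("bypass" | "blocked"),
// plus detail (the command) for bypasses and category for blocked events.

const BASELINE_HOOKS = ['destructive-guard', 'secret-guard'];

// Constructed sample: which baseline hooks each repo actually has in effect.
const REPO_HOOKS = {
  'legacy-billing': ['secret-guard'],
  'data-pipeline': ['destructive-guard'],
  'api-core': ['destructive-guard', 'secret-guard'],
};

// Constructed sample hook log, including one corrupted line the parser must skip.
const SAMPLE_LOG = `
{"ts":"2026-05-02T09:10:00Z","repo":"legacy-billing","dev":"dev-17","event":"bypass","detail":"git commit --no-verify -m wip"}
{"ts":"2026-05-04T14:02:00Z","repo":"legacy-billing","dev":"dev-17","event":"bypass","detail":"git commit --no-verify -m wip2"}
{"ts":"2026-05-05T11:30:00Z","repo":"api-core","dev":"dev-03","event":"blocked","category":"force-push"}
{"ts":"2026-05-09T16:45:00Z","repo":"data-pipeline","dev":"dev-08","event":"blocked","category":"recursive-delete"}
{"ts":"2026-05-12T08:20:00Z","repo":"api-core","dev":"dev-11","event":"blocked","category":"env-commit"}
{"ts":"2026-05-20T17:05:00Z","repo":"legacy-billing","dev":"dev-17","event":"bypass","detail":"git commit --no-verify -m hotfix"}
not-json: a corrupted line that must not abort the audit
`;

// Parse JSON lines, skipping blank and corrupted lines instead of failing the run.
function parseLog(text) {
  const events = [];
  for (const line of text.split('\n')) {
    const s = line.trim();
    if (!s) continue;
    try {
      events.push(JSON.parse(s));
    } catch (err) {
      // A damaged line loses one event, not the whole month's evidence.
    }
  }
  return events;
}

// Build the audit rows: bypasses per repo, baseline drift, and blocked operations.
function bypassAudit(events, repoHooks, baseline = BASELINE_HOOKS) {
  const bypasses = {};          // repo -> { count, devs }
  const blockedByCategory = {}; // category -> count
  for (const e of events) {
    if (e.event === 'bypass' && /--no-verify\b/.test(e.detail || '')) {
      const b = bypasses[e.repo] || (bypasses[e.repo] = { count: 0, devs: new Set() });
      b.count += 1;
      b.devs.add(e.dev);
    } else if (e.event === 'blocked') {
      blockedByCategory[e.category] = (blockedByCategory[e.category] || 0) + 1;
    }
  }

  const rows = [];
  for (const [repo, b] of Object.entries(bypasses)) {
    rows.push({
      event: 'git commit --no-verify',
      repo,
      count: b.count,
      note: b.devs.size === 1 ? 'Same developer' : `${b.devs.size} developers`,
    });
  }
  // Drift: a baseline hook that is not in effect on a repo is a finding even
  // with zero log events, because it never had the chance to fire.
  for (const [repo, hooks] of Object.entries(repoHooks)) {
    for (const h of baseline) {
      if (!hooks.includes(h)) {
        rows.push({ event: `Missing baseline hook (${h})`, repo, count: null, note: 'Config drift' });
      }
    }
  }
  const total = Object.values(blockedByCategory).reduce((a, n) => a + n, 0);
  rows.push({ event: 'Destructive operations blocked', repo: 'all repos', count: total, note: 'working as intended' });
  return { rows, blockedByCategory };
}

if (typeof module !== 'undefined') {
  module.exports = { parseLog, bypassAudit, SAMPLE_LOG, REPO_HOOKS, BASELINE_HOOKS };
}
```

The drift rows are what turn "we think we configured it" into evidence: they come from the hook configuration that is actually in effect, not from the log, so a repo whose guard was never installed still shows up even though it produced no events.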
| Priority | Target | Recommended action |
|---|---|---|
| Critical | legacy-billing | Re-apply the baseline (npx cc-safe-setup --team). This is production billing code; a missing destructive-guard is the top thing to close. |
| High | data-pipeline | Apply secret-guard and roll in the --accept-data-loss block (RULE-2605-03). |
| Medium | legacy-billing · 7× --no-verify | Review the practice of skipping the CI gate. If a bypass is ever needed, document an exception process. |
| Low | infra-terraform | Add terraform destroy protection to the baseline (currently warn-only). |
For the period of May 2026, operations-layer safety controls for Claude Code were continuously applied across Acme Corp Product Engineering's 8 repositories and 23 developers. The org weighted-average score improved from 72 to 78, and 14 destructive operations were automatically blocked during the period. Two repositories are below baseline; the section 6 remediation is expected to improve them next month.
This summary is delivered in a form you can attach directly to a SOC2 evidence package, a customer security questionnaire, or a quarterly leadership report.
This is an example deliverable from the cc-safe-setup for Teams (Org Guard) tier. The core hooks stay free forever (MIT), and the individual --audit score stays free too. The tier only adds what a single developer doesn't need but an organization does: the cross-repo rollup, the monthly incident rule feed, the bypass audit, and a report you can hand over.
The cited incidents (#65152 · #64559 · #14411) are all real, reported GitHub issues. The hook behind each rule is verified live in the cc-safe-setup repository. The scores, counts, and repo names are fictional.