Commit 3ebbb671b6a8

@@ -27,6 +27,9 @@ export const commandRules: CommandRule[] = [
 	{ pattern: /:\(\)\s*\{\s*:\s*\|\s*:\s*&\s*\}\s*;/, desc: "fork bomb", action: "confirm" },
 	{ pattern: /\bkubectl\b/, desc: "kubectl command", action: "confirm" },
 
+	// Git: block broad staging (use explicit file paths)
+	{ pattern: /\bgit\s+add\s+(-[Aau]|--all|--update)\b/, desc: "broad git add (use explicit file paths)", action: "block", suggestion: "Use 'git add <file>...' with explicit paths to avoid staging unrelated changes" },
+
 	// Nix commands (block: must use make targets)
 	{ pattern: /\bnixos-rebuild\s+(switch|boot|test)/, desc: "direct nixos-rebuild", action: "block", suggestion: "Use 'make switch', 'make boot', or 'make host/<hostname>/switch' instead" },
 	{ pattern: /\bhome-manager\s+switch\b/, desc: "direct home-manager switch", action: "block", suggestion: "Use 'make switch' or appropriate make target instead" },