diff --git a/lib/hooks/on-pretooluse-guard.sh b/lib/hooks/on-pretooluse-guard.sh
index e4489b3..58ff61a 100755
--- a/lib/hooks/on-pretooluse-guard.sh
+++ b/lib/hooks/on-pretooluse-guard.sh
@@ -26,11 +26,19 @@ command_str=$(printf '%s' "$input" | jq -r '.tool_input.command // empty' 2>/dev
 [ -z "$command_str" ] && exit 0
 
 # --- Guard 1: force push to primary branch ---
+# Also blocks bare "git push --force" (no branch arg) since the upstream
+# tracking branch might point to the primary branch.
 if printf '%s' "$command_str" | grep -qE '\bgit\s+push\b' \
-   && printf '%s' "$command_str" | grep -qE '(--force|--force-with-lease|\s-[a-zA-Z]*f)\b' \
-   && printf '%s' "$command_str" | grep -qw "$primary_branch"; then
-  printf 'BLOCKED: Force-pushing to %s is not allowed. Push to your feature branch instead.\n' "$primary_branch"
-  exit 2
+   && printf '%s' "$command_str" | grep -qE '(--force|--force-with-lease|\s-[a-zA-Z]*f)\b'; then
+  if printf '%s' "$command_str" | grep -qw "$primary_branch"; then
+    printf 'BLOCKED: Force-pushing to %s is not allowed. Push to your feature branch instead.\n' "$primary_branch"
+    exit 2
+  fi
+  # Bare force push with no explicit branch — could target primary via upstream
+  if ! printf '%s' "$command_str" | grep -qE '\bgit\s+push\s+\S+\s+\S'; then
+    printf 'BLOCKED: Bare force-push without an explicit branch is not allowed (upstream may point to %s). Specify your feature branch: git push --force-with-lease origin <branch>\n' "$primary_branch"
+    exit 2
+  fi
 fi
 
 # --- Guard 2: rm -rf outside worktree ---
@@ -43,7 +51,8 @@ if [ -n "$worktree_path" ] \
       [ -z "$p" ] && continue
       case "$p" in
         "${worktree_path}"/*|"${worktree_path}") ;;  # Inside worktree — allow
-        /dev/*) ;;  # Device paths — allow
+        /tmp/*|/tmp) ;;   # Temp files — allow (agents use /tmp for scratch)
+        /dev/*) ;;        # Device paths — allow
         *)
           printf 'BLOCKED: rm -rf targets %s which is outside the worktree (%s). Only delete files within your worktree.\n' "$p" "$worktree_path"
           exit 2
@@ -60,10 +69,11 @@ if printf '%s' "$command_str" | grep -qE '/pulls/[0-9]+/merge'; then
 fi
 
 # --- Guard 4: checkout/switch to primary branch ---
-# Blocks: git checkout main, git switch main
+# Blocks: git checkout main, git switch main, git switch --detach main, etc.
 # Allows: git checkout -b branch main, git checkout -- file
-if printf '%s' "$command_str" | grep -qE "\bgit\s+(checkout|switch)\s+${primary_branch}\b" \
-   && ! printf '%s' "$command_str" | grep -qE '\s--\s'; then
+escaped_branch=$(printf '%s' "$primary_branch" | sed 's/[.[\*^$()+?{|]/\\&/g')
+if printf '%s' "$command_str" | grep -qE "\bgit\s+(checkout|switch)\s+(-[^ ]+\s+)*${escaped_branch}\b" \
+   && ! printf '%s' "$command_str" | grep -qE '(\s--\s|\s-[bBcC]\s)'; then
   printf 'BLOCKED: Switching to %s is not allowed. Stay on your feature branch.\n' "$primary_branch"
   exit 2
 fi