Skip to content

coilyco-flight-deck/cli-guard

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

117 Commits
.agents/skills/cli-guard
.agents/skills/cli-guard
 
 
.claude
.claude
 
 
.github
.github
 
 
audit
audit
 
 
config
config
 
 
decision
decision
 
 
dispatch
dispatch
 
 
docs
docs
 
 
egress
egress
 
 
examples
examples
 
 
exitcode
exitcode
 
 
ghcache
ghcache
 
 
ghidcache
ghidcache
 
 
ghratelimit
ghratelimit
 
 
gittree
gittree
 
 
hook
hook
 
 
lockdown
lockdown
 
 
mcporter
mcporter
 
 
passthrough
passthrough
 
 
policy
policy
 
 
profile
profile
 
 
profiles
profiles
 
 
repocfg
repocfg
 
 
respfmt
respfmt
 
 
scope
scope
 
 
scripts
scripts
 
 
shell
shell
 
 
skillgen
skillgen
 
 
ssh
ssh
 
 
stscache
stscache
 
 
sudo
sudo
 
 
ttlcache
ttlcache
 
 
verb
verb
 
 
workdir
workdir
 
 
.agentic-os.toml
.agentic-os.toml
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
.golangci.yaml
.golangci.yaml
 
 
.pre-commit-config.yaml
.pre-commit-config.yaml
 
 
AGENTS.md
AGENTS.md
 
 
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
godoc-current.txt
godoc-current.txt
 
 
mkdocs-requirements.txt
mkdocs-requirements.txt
 
 
mkdocs.yml
mkdocs.yml
 
 
staticcheck.conf
staticcheck.conf
 
 

Repository files navigation

cli-guard

Go Reference Go Report Card Tests status

cli-guard is a security-boundary framework for urfave/cli v3 applications, designed to sit between AI agents (or any semi-trusted automation) and the host system, featuring:

  • argv validation rejecting shell metacharacters before they reach execve
  • append-only JSONL audit log with lumberjack rotation
  • read / write / delete scope tokens, validated per verb
  • --commit-scope resolution binding every audit row to a git toplevel
  • clean+synced gate refusing repo-shaped verbs on a dirty tree
  • per-repo command allowlist loaded from per-repo YAML config files (e.g. .ward/ward.yaml, .coily/coily.yaml)
  • thin pass-through wrapper for embedding existing CLIs as audited subcommands
  • per-invocation CONNECT proxy with consumer-supplied egress allowlist
  • public exit-code taxonomy for orchestrators
  • reusable dispatch subsystem firing claude against a real open issue, headless or interactive

Documentation

See docs/FEATURES.md for a feature inventory, examples/ for runnable demos one per primitive, and the CLI reference for the rendered command tree of every example. Local dev verbs run through make (see the Makefile).

Support

If you found a bug or have a feature request, create a new issue. Participation in this community is governed by the Code of Conduct. Security disclosures go through SECURITY.md.

Sibling repo: cli-mcp.

License

See LICENSE.

See also

Cross-reference convention from coilysiren/agentic-os#59.

About

urfave/cli v3 extension: scope-tokens, audit log, lockdown writer, argv-validation framework. Intended for the urfave/cli ecosystem.

coilyco-flight-deck.github.io/cli-guard/

Topics

share

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases

1 tags

Packages

 
 
 

Contributors

Languages