Command Guard
Checks your AI agent’s shell commands before they run — blocks destructive ones like rm -rf, git push --force or DROP TABLE.
What does the tool do?
AI agents like Claude Code execute shell commands — fast and mostly right. Command Guard is the checkpoint for the rest: your agent passes the command line to check_command before running it and gets back “allow” or “block” — with a reason and a safer alternative.
Commands are checked against 7 curated protection packs (git, filesystem, disks, databases, containers, cloud, system) and your personal allow/deny list, which you edit in the browser.
- Blocks destructive patterns BEFORE they execute
- 7 protection packs with sensible defaults — active immediately
- Personal allow/deny list per account, testable live
- Response includes reason + safer alternative for the agent
How to talk to it
Example prompts to copy — your assistant then calls the tool on its own.
“Use check_command to verify whether “git push --force origin main” is allowed.”
“Before every shell execution, call check_command with the command line first.”
Parameters
| Name | Required | Description |
|---|---|---|
command | yes | The full shell command line to check. |