CmdGuard
block dangerous shell commands before your AI agent runs them
npx -y github:Isco0819/cmdguardEver run into this?
ShellCheck has 35k+ GitHub stars and is the gold standard for shell script safety, but there is no MCP-native layer that intercepts raw shell strings before an AI agent executes them. Agents confidently run rm -rf, curl | bash, or unbounded loops undetected until damage is done. Nothing gates shell execution inside the agent loop today.
The fix
CmdGuard is an MCP server that wraps any shell-execution tool call, runs the command string through ShellCheck plus a configurable JSON rule set, and returns a SAFE/WARN/BLOCK verdict with reasons before the agent proceeds.
What it does
- ShellCheck integration — static analysis catches dangerous patterns and script bugs on every command string before execution
- Custom rule engine — define BLOCK/WARN regex rules per project (rm -rf, sudo, curl|sh, open ports, etc.) via cmdguard.json
- Append-only JSONL audit log of every command verdict queryable by agents or CI pipelines