What is shellfirm?
A terminal safety tool that intercepts dangerous commands before execution
shellfirm is a terminal safety tool that intercepts dangerous shell commands and makes you confirm before executing. Think of it as a captcha for your terminal.
How it works
Every command you type passes through shellfirm's check pipeline:
- Shell hook intercepts the command before execution
- Pattern matching checks against 100+ regex patterns across 9 ecosystems
- Context detection evaluates your environment (SSH, root, git branch, k8s)
- Policy merge applies team rules from .shellfirm.yaml
- Blast radius computes the real-world impact of the command
- Challenge prompt asks you to confirm — or blocks the command entirely
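A simplified model of the pipeline above, as an added example (not shellfirm's own code). The rule ids, regexes, policy keys and the Enter < Yes < Math escalation order are assumptions made for illustration, and the blast-radius step is omitted.

```python
import re
from dataclasses import dataclass

# Hypothetical rules for illustration; not shellfirm's real pattern set.
# Each rule: (id, regex, base severity 0..2).
RULES = [
    ("fs:recursive_delete", re.compile(r"\brm\s+(-\w*[rR]\w*\s+)+"), 2),
    ("git:force_push", re.compile(r"\bgit\s+push\b.*\s(--force|-f)\b"), 1),
    ("git:reset_hard", re.compile(r"\bgit\s+reset\s+--hard\b"), 0),
]
# Assumed ordering, weakest to strongest confirmation.
CHALLENGES = ["Enter", "Yes", "Math"]

@dataclass
class Context:
    ssh: bool = False
    root: bool = False
    git_branch: str = ""

def check(command, ctx, policy=None):
    """Return the decision for one command: allow, challenge or block."""
    policy = policy or {}
    hits = [(rule_id, sev) for rule_id, rx, sev in RULES if rx.search(command)]
    if not hits:
        return {"action": "allow", "rules": [], "challenge": None}
    rule_ids = [rule_id for rule_id, _ in hits]
    # Team policy (hypothetical "deny" key) can turn a challenge into a block.
    if set(rule_ids) & set(policy.get("deny", [])):
        return {"action": "block", "rules": rule_ids, "challenge": None}
    # Start from the most severe match, then add one level per risky context.
    protected = policy.get("protected_branches", ["main", "master"])
    level = max(sev for _, sev in hits)
    level += ctx.ssh + ctx.root + (ctx.git_branch in protected)
    level = min(level, len(CHALLENGES) - 1)
    return {"action": "challenge", "rules": rule_ids, "challenge": CHALLENGES[level]}

if __name__ == "__main__":
    # Constructed sample commands and contexts.
    samples = [
        ("ls -la", Context()),
        ("git reset --hard HEAD~1", Context()),
        ("git reset --hard HEAD~1", Context(root=True)),
        ("git push --force origin main", Context(ssh=True)),
    ]
    for cmd, ctx in samples:
        print(f"{cmd!r:40} -> {check(cmd, ctx)}")
```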
Key features
- 9 ecosystems — filesystem, git, Docker, Kubernetes, AWS, Azure, GCP, Terraform, databases
- Context-aware — escalates protection on SSH, root, production branches, k8s clusters
- 3 challenge types — Math, Enter, or Yes (auto-escalated by severity and context)
- Blast radius — shows real impact before you confirm ("Deletes 347 files, 12.4 MB")
- AI agent safety — MCP server for Claude Code, Cursor, and any MCP-compatible agent
- Team policies — .shellfirm.yaml in your repo for shared rules
- Audit trail — JSON-lines log of every command and decision
- Interactive wrapper — protect live database sessions (psql, mysql, redis-cli)
- 8 shells — Zsh, Bash, Fish, Nushell, PowerShell, Elvish, Xonsh, Oils
Who is it for?
- Individual developers — protect yourself from costly mistakes
- DevOps / SRE teams — enforce safety policies across your organization
- AI agent operators — ensure Claude Code, Cursor, and other agents can't run destructive commands unchecked
- Security & compliance teams — audit trail for every command, SOC2-friendly logging