$ shellfirm

Interactive Wrapper

Protect live database sessions and interactive CLIs with shellfirm wrap

shellfirm wrap creates a PTY (pseudo-terminal) proxy around any interactive command-line tool. Commands typed within the session are intercepted and checked against shellfirm's pattern database before being sent to the underlying tool.

Why wrap?

Shell hooks only intercept commands typed at your shell prompt. They do not protect you inside interactive sessions like:

  • psql (PostgreSQL)
  • mysql (MySQL)
  • redis-cli (Redis)
  • mongo (MongoDB)
  • Any other interactive REPL or CLI tool

Inside these sessions, a stray DROP TABLE users; or FLUSHALL executes immediately. shellfirm wrap adds a safety layer between you and the interactive tool.

Basic usage

shellfirm wrap <command> [args...]

For example:

shellfirm wrap psql -h prod.db.com -U analyst
shellfirm wrap mysql -h prod.db.com -u root -p
shellfirm wrap redis-cli -h prod.redis.com

This starts the wrapped tool in a PTY proxy. Everything looks and feels normal -- you get the same prompt, the same tab completion, the same output. But before any statement is executed, shellfirm checks it against the pattern database.

How it works

  1. shellfirm wrap spawns the target command inside a pseudo-terminal
  2. Your input is captured and buffered until a statement delimiter is detected
  3. When a complete statement is detected (e.g., ; for SQL tools, newline for others), shellfirm runs the check pipeline
  4. If the statement is safe, it is forwarded to the underlying tool
  5. If the statement is risky, shellfirm presents a challenge prompt
  6. If you pass the challenge, the statement is forwarded; if you cancel, it is discarded

Statement delimiters

Different tools use different statement delimiters:

| Tool type | Delimiter | Example |
|---|---|---|
| SQL tools (psql, mysql) | ; | DROP TABLE users; |
| Line-oriented tools (redis-cli) | newline | FLUSHALL |

The delimiter is configurable per tool in ~/.shellfirm/settings.yaml.
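
The buffer-until-delimiter and check steps described above, as an added Rust example that is not shellfirm's own code. The `StatementBuffer` and `Verdict` names, the `quote_aware` option and the two-entry pattern list are assumptions made for illustration; the page does not say how shellfirm treats a delimiter inside a quoted string.

```rust
// Added illustration, not shellfirm's source code.
// RISKY holds only the two statements this page names; real patterns differ.
const RISKY: &[&str] = &["DROP TABLE", "FLUSHALL"];

#[derive(Debug, PartialEq)]
pub enum Verdict {
    Forward(String),   // safe: pass through to the wrapped tool
    Challenge(String), // risky: hold until the user passes a challenge
}

pub struct StatementBuffer {
    delimiter: char,
    quote_aware: bool, // assumption: ignore delimiters inside '...' literals
    in_quote: bool,
    pending: String,
}

impl StatementBuffer {
    pub fn new(delimiter: char, quote_aware: bool) -> Self {
        Self { delimiter, quote_aware, in_quote: false, pending: String::new() }
    }

    /// Feed one chunk of typed input; returns a verdict per completed statement.
    pub fn feed(&mut self, chunk: &str) -> Vec<Verdict> {
        let mut out = Vec::new();
        for c in chunk.chars() {
            self.pending.push(c);
            if self.quote_aware && c == '\'' {
                self.in_quote = !self.in_quote;
            } else if c == self.delimiter && !self.in_quote {
                out.push(check(std::mem::take(&mut self.pending)));
            }
        }
        out
    }
}

fn check(stmt: String) -> Verdict {
    // Collapse whitespace and case so "drop\n  table" still matches.
    let norm = stmt.split_whitespace().collect::<Vec<_>>().join(" ").to_uppercase();
    if RISKY.iter().any(|p| norm.contains(*p)) { Verdict::Challenge(stmt) } else { Verdict::Forward(stmt) }
}

fn main() {
    let mut sql = StatementBuffer::new(';', true);
    // Constructed input, split mid-statement the way keystrokes arrive from a PTY.
    for chunk in ["SELECT 1; drop\n", "  table users", ";"] {
        for v in sql.feed(chunk) { println!("{:?}", v); }
    }
}
```

The substring match is deliberately conservative: a statement that only mentions a risky phrase inside a string literal is still challenged rather than forwarded.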

Configuration

# ~/.shellfirm/settings.yaml
wrappers:
  tools:
    psql:
      delimiter: ";"
      check_groups:
        - psql
        - database
    mysql:
      delimiter: ";"
      check_groups:
        - mysql
        - database
    redis-cli:
      delimiter: "\n"
      check_groups:
        - redis

Per-tool settings

| Setting | Default | Description |
|---|---|---|
| delimiter | ; | Statement delimiter for splitting input |
| check_groups | (global setting) | Which check groups to use for this tool |

When check_groups is empty, the global enabled_groups setting is used.

Context-aware protection

shellfirm wrap inherits all context-aware features. If you wrap psql while connected to a production server over SSH, the context signals (SSH, env vars, k8s context) are factored into the risk assessment and challenge escalation.

Limitations

  • The wrapper adds a small amount of latency to each statement (typically under 10ms for the check pipeline)
  • Tab completion and other interactive features are passed through transparently
  • Multi-line statements are supported -- the wrapper buffers until the delimiter is found
  • The wrapper does not modify the tool's output