cli-guard

cli-guard is a security-boundary framework for urfave/cli v3 applications, designed to sit between AI agents (or any semi-trusted automation) and the host system.

It provides:

• argv validation rejecting shell metacharacters before they reach execve
• append-only JSONL audit log with lumberjack rotation
• read / write / delete scope tokens
• --commit-scope resolution binding every audit row to a git toplevel
• clean+synced gate refusing repo-shaped verbs on a dirty tree
• per-repo command allowlist
• thin pass-through wrapper for embedding existing CLIs as audited subcommands
• per-invocation CONNECT proxy with consumer-supplied egress allowlist
• public exit-code taxonomy for orchestrators

Where to go next

• Features - feature inventory.
• Examples - one runnable demo per primitive.
• CLI reference - rendered command tree for every example.
• Source on GitHub - issues, releases, code.

cli-guard is part of the cli-* family: cli-mcp, cli-web-docs, cli-web-ops.