AI coding agents are powerful but they don't hesitate before running rm -rf /, kubectl delete namespace production, or terraform destroy. shellfirm adds a safety layer that catches risky commands before they execute.
How it works with AI agents:
One command to set up: shellfirm connect claude-code
This gives you two layers of protection:
1. Hooks – automatic pre-execution checks that block dangerous commands before the agent can run them. The agent can't bypass or ignore these.
2. MCP tools – the agent can proactively ask "is this command risky?" and get back structured risk assessments with severity, blast radius, and safer alternatives.
shellfirm covers 9 ecosystems (git, k8s, terraform, databases, filesystem, etc.) with pattern matching, context detection (SSH, root, production branch), and team
policies via .shellfirm.yaml.
Supports Claude Code (hooks + MCP), Cursor, Windsurf, Zed, and Cline.
AI coding agents are powerful but they don't hesitate before running rm -rf /, kubectl delete namespace production, or terraform destroy. shellfirm adds a safety layer that catches risky commands before they execute.
How it works with AI agents:
One command to set up: shellfirm connect claude-code
This gives you two layers of protection:
1. Hooks – automatic pre-execution checks that block dangerous commands before the agent can run them. The agent can't bypass or ignore these.
2. MCP tools – the agent can proactively ask "is this command risky?" and get back structured risk assessments with severity, blast radius, and safer alternatives.
shellfirm covers 9 ecosystems (git, k8s, terraform, databases, filesystem, etc.) with pattern matching, context detection (SSH, root, production branch), and team policies via .shellfirm.yaml.
Supports Claude Code (hooks + MCP), Cursor, Windsurf, Zed, and Cline.
Written in Rust. Open source.