Dicklesworthstone/destructive_command_guard
The Destructive Command Guard (dcg) is for blocking dangerous git and shell commands from being executed by agents.
Based on the README, here's a technical summary: Implements a three-tier hook architecture with SIMD-accelerated regex filtering and AST-based heredoc scanning to detect destructive patterns in command arguments, inline scripts, and environment variables with sub-millisecond latency. Integrates directly with Claude Code, Copilot CLI, Gemini CLI, and Aider through native hook protocols, while offering 49+ modular security packs covering databases (PostgreSQL, MySQL), container platforms (Docker, Kubernetes), and cloud providers (AWS, GCP, Azure). Employs fail-open design with agent-specific trust profiles and dual regex engines to balance protection against accidental workflow breakage.
670 stars. Actively maintained with 41 commits in the last 30 days.
Stars
670
Forks
40
Language
Rust
License
—
Category
Last pushed
Mar 12, 2026
Commits (30d)
41
Get this data via API
curl "https://pt-edge.onrender.com/api/v1/quality/agents/Dicklesworthstone/destructive_command_guard"
Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.
Featured in
Related agents
microsoft/agent-governance-toolkit
AI Agent Governance Toolkit — Policy enforcement, zero-trust identity, execution sandboxing, and...
ucsandman/DashClaw
🛡️Decision infrastructure for AI agents. Intercept actions, enforce guard policies, require...
vstorm-co/pydantic-ai-middleware
Middleware layer for Pydantic AI — intercept, transform & guard agent calls with 7 lifecycle...
mattijsmoens/sovereign-shield
AI security framework: tamper-proof action auditing, prompt injection firewall, ethical...
vstorm-co/pydantic-ai-shields
Guardrail capabilities for Pydantic AI — cost tracking, prompt injection detection, PII...