urfave/cli v3 extension: scope-tokens, audit log, lockdown writer, argv-validation framework. Intended for the urfave/cli ecosystem.
- Go 99.9%
| .agents/skills/repo-cli-guard | ||
| .forgejo/workflows | ||
| .github | ||
| cli | ||
| cmd | ||
| docs | ||
| examples | ||
| http | ||
| pkg | ||
| scripts | ||
| .agentic-os.toml | ||
| .gitattributes | ||
| .gitignore | ||
| .golangci.yaml | ||
| .pre-commit-config.yaml | ||
| AGENTS.md | ||
| CLAUDE.md | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| go.mod | ||
| go.sum | ||
| godoc-current.txt | ||
| LICENSE | ||
| Makefile | ||
| mkdocs-requirements.txt | ||
| mkdocs.yml | ||
| README.md | ||
| SECURITY.md | ||
| staticcheck.conf | ||
cli-guard
cli-guard is a security-boundary framework for urfave/cli v3 applications, designed to sit between AI agents (or any semi-trusted automation) and the host system, featuring:
- argv validation rejecting shell metacharacters before they reach
execve - append-only JSONL audit log with lumberjack rotation
- read / write / delete scope tokens, validated per verb
- best-effort RepoRoot stamping that records each audit row's git toplevel (empty outside any repo)
- clean+synced gate refusing repo-shaped verbs on a dirty tree
- per-repo command allowlist loaded from per-repo YAML config files (e.g.
.<app>/<app>.yaml) - thin pass-through wrapper for embedding existing CLIs as audited subcommands
- per-invocation CONNECT proxy with consumer-supplied egress allowlist
- public exit-code taxonomy for orchestrators
Documentation
See docs/FEATURES.md for a feature inventory, examples/ for runnable demos one per primitive, and the CLI reference for the rendered command tree of every example. Local dev verbs run through make (see the Makefile).
Support
If you found a bug or have a feature request, create a new issue. Participation in this community is governed by the Code of Conduct. Security disclosures go through SECURITY.md.
Sibling repo: cli-mcp.
License
See LICENSE.
See also
- AGENTS.md - agent-facing operating rules.
- docs/FEATURES.md - inventory of what ships today.
Cross-reference convention from the shared repo-pointer rule in the agentic-os docs.