urfave/cli v3 extension: scope-tokens, audit log, lockdown writer, argv-validation framework. Intended for the urfave/cli ecosystem.
Find a file
Coilyco Robotic Operations Division 16b0b2affc
All checks were successful
ci / secrets (push) Successful in 13s
ci / lint (push) Successful in 45s
ci / test (push) Successful in 58s
promote / gate-and-promote (push) Successful in 1m8s
release / release (push) Successful in 10s
Merge pull request 'Move release publishing to draft artifacts plus release retag' (#230) from issue-229 into main
2026-07-15 03:55:08 +00:00
.agents/skills/repo-cli-guard chore: drop stale duplicate cli-guard pointer skill 2026-06-05 22:56:39 -07:00
.forgejo/workflows feat(release): stage draft tags before release 2026-07-15 03:46:26 +00:00
.github ci: tame golangci-lint scratch use 2026-07-14 09:19:22 +00:00
cli sandbox: reduce jail setup complexity 2026-07-14 09:24:39 +00:00
cmd refactor(kdl-specs)!: rename specgen -> kdl-specs family 2026-07-01 04:50:14 +00:00
docs feat(release): stage draft tags before release 2026-07-15 03:46:26 +00:00
examples clean up issue-reference guard hits 2026-07-09 21:45:26 +00:00
http Add inline MCP proxy grants 2026-07-14 09:14:59 +00:00
pkg feat(release): stage draft tags before release 2026-07-15 03:46:26 +00:00
scripts remove legacy dispatch subsystem 2026-07-09 02:32:49 +00:00
.agentic-os.toml ward-container: residual claude work on coilyco-flight-deck/cli-guard 2026-06-24 07:08:57 +00:00
.gitattributes feat(passthrough): add WithEnvFunc for exec-time env injection 2026-05-29 14:36:30 -07:00
.gitignore Repository hygiene sweep: tier-A + CONTRIBUTING + godoc-current + auto-merge 2026-05-13 05:47:10 -07:00
.golangci.yaml chore(code-comments): clean comment-discipline violations; pin agentic-os v0.16.0 2026-06-08 16:58:27 -07:00
.pre-commit-config.yaml ward-container: residual claude work on coilyco-flight-deck/cli-guard 2026-06-24 07:08:57 +00:00
AGENTS.md clean up issue-reference guard hits 2026-07-09 21:45:26 +00:00
CLAUDE.md chore(pre-commit): adopt context-load-points hook (v0.11.1) 2026-05-29 22:45:41 -07:00
CODE_OF_CONDUCT.md Adopt Contributor Covenant 2.1 as Code of Conduct 2026-05-13 05:31:35 -07:00
CONTRIBUTING.md refactor: unguard cli-guard, wipe agent-guard from the dev flow 2026-05-29 13:05:36 -07:00
go.mod feat(specverb): add an OpenAPI 3.x reader and pruner via kin-openapi 2026-06-17 04:06:51 -07:00
go.sum feat(specverb): add an OpenAPI 3.x reader and pruner via kin-openapi 2026-06-17 04:06:51 -07:00
godoc-current.txt Add inline MCP proxy grants 2026-07-14 09:14:59 +00:00
LICENSE Scaffold cli-guard: extract framework primitives from coily/pkg/ 2026-05-13 04:25:19 -07:00
Makefile Wire cli-web-docs into docs surface, closes #28 2026-05-13 12:08:23 -07:00
mkdocs-requirements.txt Add mkdocs (urfave palette) + docs CI verification 2026-05-13 05:28:44 -07:00
mkdocs.yml refactor!: reorganize package tree around the three guarded surfaces 2026-06-07 17:43:52 -07:00
README.md merge main to refresh dispatch removal 2026-07-10 16:58:08 +00:00
SECURITY.md enforce basename-wide lockdown targets 2026-07-13 23:01:42 +00:00
staticcheck.conf Adopt urfave-shaped README + trifecta + staticcheck.conf 2026-05-13 05:23:19 -07:00

cli-guard

Go Reference Go Report Card Tests status

cli-guard is a security-boundary framework for urfave/cli v3 applications, designed to sit between AI agents (or any semi-trusted automation) and the host system, featuring:

  • argv validation rejecting shell metacharacters before they reach execve
  • append-only JSONL audit log with lumberjack rotation
  • read / write / delete scope tokens, validated per verb
  • best-effort RepoRoot stamping that records each audit row's git toplevel (empty outside any repo)
  • clean+synced gate refusing repo-shaped verbs on a dirty tree
  • per-repo command allowlist loaded from per-repo YAML config files (e.g. .<app>/<app>.yaml)
  • thin pass-through wrapper for embedding existing CLIs as audited subcommands
  • per-invocation CONNECT proxy with consumer-supplied egress allowlist
  • public exit-code taxonomy for orchestrators

Documentation

See docs/FEATURES.md for a feature inventory, examples/ for runnable demos one per primitive, and the CLI reference for the rendered command tree of every example. Local dev verbs run through make (see the Makefile).

Support

If you found a bug or have a feature request, create a new issue. Participation in this community is governed by the Code of Conduct. Security disclosures go through SECURITY.md.

Sibling repo: cli-mcp.

License

See LICENSE.

See also

Cross-reference convention from the shared repo-pointer rule in the agentic-os docs.