urfave/cli v3 extension: scope-tokens, audit log, lockdown writer, argv-validation framework. Intended for the urfave/cli ecosystem.
  • Go 99.7%
  • Shell 0.2%
  • Makefile 0.1%
Kai Siren 7e70deb14d
chore(pre-commit): adopt context-load-points hook (v0.11.1)
Part of the agentic-os-kai#505 load-point framework rollout.

closes coilysiren/cli-guard#43

Audit-log: coily://1780119139/AGPHOXTT - coily git commit
2026-05-29 22:45:41 -07:00
.agents/skills/cli-guard feat(skills): add canonical cli-guard repo-pointer skill 2026-05-27 02:11:22 -07:00
.claude lockdown: sync to coily v2.50.0 [skip ci] 2026-05-29 19:48:55 +00:00
.github chore(ci): remove codex-review-gate + undraft-and-poke-codex workflows 2026-05-16 15:42:01 -07:00
audit chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
config chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
decision chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
dispatch refactor: unguard cli-guard, wipe agent-guard from the dev flow 2026-05-29 13:05:36 -07:00
docs refactor: unguard cli-guard, wipe agent-guard from the dev flow 2026-05-29 13:05:36 -07:00
egress chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
examples refactor: unguard cli-guard, wipe agent-guard from the dev flow 2026-05-29 13:05:36 -07:00
exitcode chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
ghcache fix(ghcache): rename unit-suffixed TTL consts for revive time-naming 2026-05-28 05:36:30 -07:00
ghidcache chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
ghratelimit chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
gittree chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
hook refactor: unguard cli-guard, wipe agent-guard from the dev flow 2026-05-29 13:05:36 -07:00
lockdown fix(lockdown): emit trailing newline on rendered settings.json 2026-05-28 00:06:26 -07:00
mcporter chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
passthrough feat(passthrough): add WithEnvFunc for exec-time env injection 2026-05-29 14:36:30 -07:00
policy chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
profile chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
profiles chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
repocfg chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
respfmt chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
scope chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
scripts chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
shell chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
skillgen chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
ssh chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
stscache chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
sudo chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
ttlcache chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
verb chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
workdir chore: clean up code-comments violations, agentic-os v0.2.8 2026-05-25 20:22:38 -07:00
.agentic-os.toml refactor: unguard cli-guard, wipe agent-guard from the dev flow 2026-05-29 13:05:36 -07:00
.gitattributes feat(passthrough): add WithEnvFunc for exec-time env injection 2026-05-29 14:36:30 -07:00
.gitignore Repository hygiene sweep: tier-A + CONTRIBUTING + godoc-current + auto-merge 2026-05-13 05:47:10 -07:00
.golangci.yaml feat(lockdown): rescope deny list + bring repo state in line with v0.2.12 hooks 2026-05-25 23:10:33 -07:00
.pre-commit-config.yaml chore(pre-commit): adopt context-load-points hook (v0.11.1) 2026-05-29 22:45:41 -07:00
AGENTS.md refactor: unguard cli-guard, wipe agent-guard from the dev flow 2026-05-29 13:05:36 -07:00
CLAUDE.md chore(pre-commit): adopt context-load-points hook (v0.11.1) 2026-05-29 22:45:41 -07:00
CODE_OF_CONDUCT.md Adopt Contributor Covenant 2.1 as Code of Conduct 2026-05-13 05:31:35 -07:00
CONTRIBUTING.md refactor: unguard cli-guard, wipe agent-guard from the dev flow 2026-05-29 13:05:36 -07:00
go.mod ssh: adopt package from coily/pkg/ssh, closes #61 2026-05-14 18:24:44 -07:00
go.sum ssh: adopt package from coily/pkg/ssh, closes #61 2026-05-14 18:24:44 -07:00
godoc-current.txt feat(passthrough): add WithEnvFunc for exec-time env injection 2026-05-29 14:36:30 -07:00
LICENSE Scaffold cli-guard: extract framework primitives from coily/pkg/ 2026-05-13 04:25:19 -07:00
Makefile Wire cli-web-docs into docs surface, closes #28 2026-05-13 12:08:23 -07:00
mkdocs-requirements.txt Add mkdocs (urfave palette) + docs CI verification 2026-05-13 05:28:44 -07:00
mkdocs.yml Wire cli-web-docs into docs surface, closes #28 2026-05-13 12:08:23 -07:00
README.md refactor: unguard cli-guard, wipe agent-guard from the dev flow 2026-05-29 13:05:36 -07:00
SECURITY.md Add SECURITY.md (urfave shape) + nav and Support links 2026-05-13 05:36:33 -07:00
staticcheck.conf Adopt urfave-shaped README + trifecta + staticcheck.conf 2026-05-13 05:23:19 -07:00

cli-guard

cli-guard is a security-boundary framework for urfave/cli v3 applications, designed to sit between AI agents (or any semi-trusted automation) and the host system, featuring:

  • argv validation rejecting shell metacharacters before they reach execve
  • append-only JSONL audit log with lumberjack rotation
  • read / write / delete scope tokens, validated per verb
  • --commit-scope resolution binding every audit row to a git toplevel
  • clean+synced gate refusing repo-shaped verbs on a dirty tree
  • per-repo command allowlist loaded from per-repo YAML config files (e.g. .ward/ward.yaml, .coily/coily.yaml)
  • thin pass-through wrapper for embedding existing CLIs as audited subcommands
  • per-invocation CONNECT proxy with consumer-supplied egress allowlist
  • public exit-code taxonomy for orchestrators
  • reusable dispatch subsystem firing claude against a real open issue, headless or interactive

Documentation

See docs/FEATURES.md for a feature inventory, examples/ for runnable demos (one per primitive), and the CLI reference for the rendered command tree of every example. Local dev verbs run through make (see the Makefile).

Support

If you found a bug or have a feature request, create a new issue. Participation in this community is governed by the Code of Conduct. Security disclosures go through SECURITY.md.

Sibling repo: cli-mcp.

License

See LICENSE.

See also

Cross-reference convention from coilysiren/agentic-os#59.