stevenkozeniesky02/shell-guard
MCP server for safe shell access. Every command validated against per-agent permission rules before execution. Powered by AgentsID.
Platform-specific configuration:

```json
{
  "mcpServers": {
    "shell-guard": {
      "command": "npx",
      "args": [
        "-y",
        "shell-guard"
      ]
    }
  }
}
```

Add the config above to `.claude/settings.json` under the `mcpServers` key.
# Shell Guard

**MCP server for safe shell access. Every command validated before execution.**

[AgentsID](https://agentsid.dev) · [License](https://github.com/stevenkozeniesky02/shell-guard/blob/main/LICENSE)
---
Your AI agent has shell access. It can run `ls` and `cat`. It can also run `rm -rf /` and `sudo shutdown now`. There's nothing stopping it.
Shell Guard fixes that. Every command is classified and validated against per-agent permission rules before execution. Read commands go through. Destructive commands get blocked. Everything is logged.
```text
Agent runs: ls -la /src
→ Classified as: shell.read.ls
→ AgentsID check: ALLOWED ✓
→ Command executes normally

Agent runs: rm -rf /important-data
→ Classified as: shell.danger.rm
→ AgentsID check: BLOCKED ✗
→ Command never executes
→ Denial logged to audit trail
```

Install:

```bash
npx @agentsid/shell-guard
```

Sign up at agentsid.dev/dashboard (free — 25 agents, 10K events/month).
Register an agent with shell permissions:
```bash
npx agentsid init
npx agentsid register-agent --name "my-shell-agent" \
  --permissions "shell.read.*" "shell.git.status" "shell.git.log" "shell.git.diff"
```

Add the server to Claude Code with your project key and agent token:

```bash
claude mcp add shell-guard \
  -e AGENTSID_PROJECT_KEY=aid_proj_your_key \
  -e AGENTSID_AGENT_TOKEN=aid_tok_your_token \
  -- npx @agentsid/shell-guard
```

Example session:

```text
You: "list the files in /src"
Claude: *runs ls /src* → works normally

You: "delete the temp files"
Claude: *runs rm -rf /tmp* → BLOCKED by Shell Guard

You: "push to
```
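As an added example (not shell-guard's or AgentsID's own code), here is the classify-then-check flow this page describes, in JavaScript: a command line is mapped to categories of the form used above (`shell.read.ls`, `shell.git.status`, `shell.danger.rm`), each category is matched against the agent's permission list with a trailing `.*` wildcard like the `shell.read.*` grant in the registration command, and the decision is appended to an audit trail. The verb-to-category table, the splitting of chained commands on `;`, `&&` and `|`, the `shell.unknown.*` fallback and the audit record shape are assumptions; the real server's classifier is not shown on this page. The example goes slightly beyond the page by checking every segment of a chained command, so `ls /src && rm -rf /tmp` is blocked instead of passing on its first word.

```javascript
// Added example, not shell-guard's own code. Category names follow the README;
// the classification table, wildcard matcher and audit record are assumptions.

// Verbs that only read state -> shell.read.<verb>
const READ_VERBS = new Set(["ls", "cat", "head", "tail", "pwd", "grep", "find", "wc"]);
// Verbs that destroy data or alter the machine -> shell.danger.<verb>
const DANGER_VERBS = new Set(["rm", "sudo", "shutdown", "reboot", "mkfs", "dd", "chmod", "chown"]);
// git subcommands -> shell.git.<subcommand>
const GIT_SUBCOMMANDS = new Set(["status", "log", "diff", "add", "commit", "push", "pull", "checkout"]);

// Split a command line on shell operators so that "ls; rm -rf /" is not judged
// by its first word alone (assumption: every segment must be allowed).
function splitSegments(cmdline) {
  return cmdline
    .split(/\s*(?:\|\||&&|;|\|)\s*/)
    .map((s) => s.trim())
    .filter((s) => s.length > 0);
}

// Map one simple command to a permission category.
function classifySegment(segment) {
  const words = segment.split(/\s+/);
  const verb = words[0];
  if (verb === "git") {
    const sub = words[1];
    return GIT_SUBCOMMANDS.has(sub) ? `shell.git.${sub}` : "shell.git.unknown";
  }
  if (READ_VERBS.has(verb)) return `shell.read.${verb}`;
  if (DANGER_VERBS.has(verb)) return `shell.danger.${verb}`;
  // Unrecognised verbs are deny-by-default: they only pass if the agent holds
  // an explicit shell.unknown.* grant.
  return `shell.unknown.${verb}`;
}

function classifyCommand(cmdline) {
  return splitSegments(cmdline).map(classifySegment);
}

// Match a category against a permission pattern such as "shell.read.*".
// Only a trailing ".*" wildcard is supported, and it matches on dot-separated
// segments, so "shell.read.*" does not match "shell.readonly.x".
function permissionMatches(pattern, category) {
  if (pattern === category) return true;
  if (pattern.endsWith(".*")) {
    const prefix = pattern.slice(0, -1); // keep the trailing dot
    return category.startsWith(prefix) && category.length > prefix.length;
  }
  return false;
}

// Authorize a command line for an agent. Every segment must be covered by at
// least one permission; the decision is appended to the audit trail either way.
function authorize(cmdline, permissions, auditTrail) {
  const categories = classifyCommand(cmdline);
  const denied = categories.filter(
    (cat) => !permissions.some((p) => permissionMatches(p, cat))
  );
  const allowed = categories.length > 0 && denied.length === 0;
  auditTrail.push({
    command: cmdline,
    categories,
    decision: allowed ? "ALLOWED" : "BLOCKED",
    denied,
  });
  return { allowed, categories, denied };
}

// Constructed agent grant, mirroring the README's register-agent call.
const AGENT_PERMISSIONS = ["shell.read.*", "shell.git.status", "shell.git.log", "shell.git.diff"];

const auditTrail = [];
authorize("ls -la /src", AGENT_PERMISSIONS, auditTrail);
authorize("rm -rf /important-data", AGENT_PERMISSIONS, auditTrail);
authorize("ls /src && rm -rf /tmp", AGENT_PERMISSIONS, auditTrail);
authorize("git push origin main", AGENT_PERMISSIONS, auditTrail);
for (const entry of auditTrail) {
  console.log(`${entry.decision.padEnd(7)} ${entry.command}  [${entry.categories.join(", ")}]`);
}
```

Denying by default (an unrecognised verb becomes `shell.unknown.<verb>` and needs an explicit grant) is what stops a new or unexpected command from slipping through, and recording the BLOCKED decision together with the offending category gives the audit trail the same information the denial entry on this page carries.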