EveryDev.ai
Subscribe
Home
Tools

3,215+ AI tools

  • New
  • Trending
  • Featured
  • Compare
  • Arena
Categories
  • Agents2189
  • Coding1574
  • Infrastructure698
  • Marketing534
  • Projects498
  • Research456
  • Design416
  • Analytics389
  • Testing296
  • MCP290
  • Security286
  • Data262
  • Integration197
  • Prompts189
  • Communication183
  • Extensions173
  • Learning170
  • Voice151
  • Commerce135
  • DevOps123
  • Web86
  • Finance26
AI Tools by Topic
  • AI Coding Assistants
  • Agent Frameworks
  • MCP Servers
  • AI Prompt Tools
  • Vibe Coding Tools
  • AI Design Tools
  • AI Database Tools
  • AI Website Builders
  • AI Testing Tools
  • LLM Evaluations
Follow Us
  • X / Twitter
  • LinkedIn
  • Reddit
  • Discord
  • Threads
  • Bluesky
  • Mastodon
  • YouTube
  • GitHub
  • Instagram
Get Started
  • About
  • Editorial Standards
  • Corrections & Disclosures
  • Community Guidelines
  • Advertise
  • Contact Us
  • Newsletter
  • Submit a Tool
  • Start a Discussion
  • Write A Blog
  • Share A Build
  • Terms of Service
  • Privacy Policy
Explore with AI
  • ChatGPT
  • Gemini
  • Claude
  • Grok
  • Perplexity
Agent Experience
  • llms.txt
Theme
With AI, Everyone is a Dev. EveryDev.ai © 2026
    1. Home
    2. Tools
    3. dcg (Destructive Command Guard)
    dcg (Destructive Command Guard) icon

    dcg (Destructive Command Guard)

    Command Line Assistants

    A high-performance CLI hook that intercepts and blocks destructive shell and git commands before AI coding agents execute them, protecting your work from accidental deletion.

    Visit Website

    At a Glance

    Pricing
    Open Source

    Fully free and open source under MIT license (with OpenAI/Anthropic rider). Download prebuilt binaries or build from source.

    Engagement

    Available On

    Windows
    macOS
    Linux
    Web
    API

    Resources

    WebsiteGitHubllms.txt

    Topics

    Command Line AssistantsApplication SecurityAI Coding Assistants

    Alternatives

    GuardMastra Codebotctl
    Developer
    Jeffrey EmanuelNew York, NYEst. 2021$5000000 raised

    Listed Jul 2026

    About dcg (Destructive Command Guard)

    dcg (Destructive Command Guard) is a Rust-based PreToolUse hook that sits between AI coding agents and the shell, blocking catastrophic commands like git reset --hard, rm -rf ./src, or DROP TABLE users before they execute. Originally written in Python by Jeffrey Emanuel and ported to Rust by Darin Gordon, the project has grown into a comprehensive modular guard with 50+ security packs covering databases, Kubernetes, cloud providers, CI/CD systems, and more. The repository has accumulated over 5,000 GitHub stars since its creation in January 2026.

    What It Is

    dcg is a command-line safety hook designed specifically for the AI coding agent era, where tools like Claude Code, Codex CLI, Gemini CLI, GitHub Copilot CLI, Cursor, and Hermes Agent autonomously execute shell commands on behalf of users. The core problem it solves: agents occasionally issue catastrophic, unrecoverable commands that destroy hours of uncommitted work in seconds. dcg intercepts every shell command as a JSON payload on stdin, evaluates it through a multi-stage pipeline, and either allows it silently or blocks it with a human-readable explanation and safer alternatives on stderr.

    How the Evaluation Pipeline Works

    Every command passes through a four-stage pipeline designed for sub-millisecond latency:

    • JSON Parsing: Validates the hook payload from Claude, Codex, Gemini, Copilot, or other agent variants and extracts the command string. Non-shell tools are immediately allowed.
    • Normalization: Strips absolute binary paths (/usr/bin/git → git) while preserving arguments.
    • Quick Reject: SIMD-accelerated substring search (via the memchr crate using SSE2/AVX2/NEON) filters out irrelevant commands in under 1μs. Commands without keywords like "git" or "rm" skip regex matching entirely.
    • Pattern Matching: Safe patterns (allowlist) are checked first — a match immediately allows. Destructive patterns are checked second — a match blocks with explanation. No match on either defaults to allow.

    A sophisticated context classification system (SpanKind) distinguishes Executed tokens from Comment, Data, HeredocBody, and InlineCode spans, dramatically reducing false positives. Heredoc and inline script scanning uses a three-tier AST pipeline: trigger detection (<100μs), content extraction (<1ms), and AST pattern matching (<5ms) with recursive shell analysis for nested commands like bash -c "git reset --hard".

    Modular Pack System

    dcg organizes destructive command patterns into a modular "pack" system. Two core packs — core.filesystem and core.git — are always on and cannot be disabled. Additional packs are opt-in and cover:

    • Databases: PostgreSQL, MySQL, MongoDB, Redis, SQLite, Snowflake, Supabase
    • Containers & Orchestration: Docker, Docker Compose, Podman, kubectl, Helm, Kustomize
    • Cloud Providers: AWS, Azure, GCP
    • Infrastructure: Terraform, Ansible, Pulumi, Atmos
    • Secrets Management: Vault, Doppler, 1Password, AWS Secrets Manager
    • CI/CD: GitHub Actions, GitLab CI, CircleCI, Jenkins
    • Messaging, Search, Backup, Monitoring, Payment, DNS, CDN, and more

    Category IDs expand to all sub-packs (e.g., "database" enables all database.* packs). Custom organization-specific packs can be authored in YAML and loaded from user or project-local paths.

    Agent Support and Deployment

    dcg supports a wide range of AI coding agents through their native hook protocols:

    • Claude Code: PreToolUse hook via ~/.claude/settings.json
    • Codex CLI 0.125.0+: Merges a PreToolUse Bash hook into ~/.codex/hooks.json; emits minimal documented hookSpecificOutput JSON on stdout with exit code 0
    • Gemini CLI / Antigravity (agy): BeforeTool hook via ~/.gemini/settings.json or ~/.gemini/config/hooks.json
    • GitHub Copilot CLI: User-level hook at ${COPILOT_HOME:-~/.copilot}/hooks/dcg.json
    • VS Code Copilot Chat: Picked up automatically via the Claude Code hook compatibility layer
    • Cursor IDE: beforeShellExecution hook via ~/.cursor/hooks.json
    • Hermes Agent, Grok (xAI), OpenCode, Pi, Aider, Continue: Varying levels of native support

    The quick-install script auto-detects the platform, downloads the correct binary, verifies SHA256 checksums and optional minisign signatures, and configures all detected agent hooks in one step. Prebuilt binaries are available for Linux x86_64 (musl), Linux ARM64, macOS Intel, macOS Apple Silicon, Windows x64, and Windows ARM64.

    Update: v0.6.7 and Active Development

    The latest release is v0.6.7, published July 15, 2026. The repository was last pushed on July 18, 2026, indicating active development. Notable recent additions include first-class Codex CLI support (0.125.0+), native Grok (xAI) hook integration, Antigravity CLI (agy) support, a rebase-recovery mode that safely relaxes checkout/restore blocks during active git rebase state, a bounded failure policy with configurable fail-closed mode, and Windows-native packs (windows.filesystem, windows.system) enabled by default on Windows. The project uses a pinned Rust nightly toolchain (nightly-2026-06-06) and requires Rust 1.95+.

    Tradeoffs and Design Principles

    dcg uses a default-allow policy for unrecognized commands to avoid breaking legitimate workflows — only known dangerous patterns are blocked. Safe patterns are checked before destructive ones (whitelist-first architecture) to prevent false positives on commands like git checkout -b. An absolute 200ms hook deadline ensures no command hangs the terminal; exhausting the budget produces an explicit indeterminate result rather than a silent allow. The license is MIT with an additional rider explicitly excluding OpenAI and Anthropic from use rights.

    dcg (Destructive Command Guard) - 1

    Community Discussions

    Be the first to start a conversation about dcg (Destructive Command Guard)

    Share your experience with dcg (Destructive Command Guard), ask questions, or help others learn from your insights.

    Pricing

    OPEN SOURCE

    Open Source

    Fully free and open source under MIT license (with OpenAI/Anthropic rider). Download prebuilt binaries or build from source.

    • All 50+ security packs
    • Prebuilt binaries for Linux, macOS, and Windows
    • Full agent hook support (Claude Code, Codex, Gemini, Copilot, Cursor, etc.)
    • Repository scanning and CI integration
    • Custom pack authoring

    Capabilities

    Key Features

    • Blocks destructive git and shell commands before execution
    • 50+ modular security packs (databases, Kubernetes, cloud, CI/CD, etc.)
    • Sub-millisecond latency with SIMD-accelerated filtering
    • Heredoc and inline script scanning with three-tier AST pipeline
    • Context classification to reduce false positives (SpanKind system)
    • Agent-specific profiles with trust levels and pack overrides
    • Supports Claude Code, Codex CLI, Gemini CLI, Copilot, Cursor, Hermes, Grok, and more
    • Repository scanning mode for CI/CD pre-commit integration
    • Explain mode with per-stage timing traces
    • Allow-once temporary exception system with short codes
    • Rebase recovery mode for safe git rebase workflows
    • Configurable fail-closed mode for strict environments
    • Custom YAML pack authoring for organization-specific rules
    • Layered configuration hierarchy (env vars, user, system, project)
    • Prebuilt binaries for Linux, macOS, and Windows (x64 and ARM64)
    • Dual regex engine (linear O(n) + backtracking for lookahead patterns)
    • Aho-Corasick keyword pre-filtering for pack relevance
    • SARIF output for dcg scan CI integration
    • Accessibility themes including colorblind-safe and high-contrast modes
    • Windows-native packs for cmd.exe and PowerShell destructive commands

    Integrations

    Claude Code
    Codex CLI
    Gemini CLI
    GitHub Copilot CLI
    VS Code Copilot Chat
    Cursor IDE
    Hermes Agent
    Grok (xAI)
    Antigravity CLI (agy)
    OpenCode
    Pi
    Aider
    Continue
    GitHub Actions
    GitLab CI
    CircleCI
    Jenkins
    Azure Pipelines
    PostgreSQL
    MySQL
    MongoDB
    Redis
    SQLite
    Snowflake
    Supabase
    Docker
    Kubernetes (kubectl)
    Helm
    Terraform
    Ansible
    Pulumi
    AWS CLI
    Azure CLI
    gcloud
    Vault
    Doppler
    1Password CLI
    Kafka
    RabbitMQ
    Elasticsearch
    Algolia
    Stripe CLI
    Cloudflare Workers (Wrangler)
    Datadog
    Prometheus
    Splunk
    API Available

    Ratings & Reviews

    No ratings yet

    Be the first to rate dcg (Destructive Command Guard) and help others make informed decisions.

    Developer

    Jeffrey Emanuel

    Jeffrey Emanuel builds open-source developer tools focused on AI agent coordination and productivity infrastructure. The MCP Agent Mail project provides a Git-backed, SQLite-indexed coordination layer for multi-agent coding workflows. Emanuel also maintains related tools including Beads Rust and Beads Viewer for task planning and graph analytics in agent-driven development environments.

    Founded 2021
    New York, NY
    $5000000 raised
    1 employees
    Read more about Jeffrey Emanuel
    WebsiteGitHubLinkedInX / Twitter
    2 tools in directory

    Similar Tools

    Guard icon

    Guard

    A CLI tool that lets developers lock file permissions to prevent AI coding agents from modifying files without explicit permission.

    Mastra Code icon

    Mastra Code

    Mastra Code is a terminal-based AI coding agent that connects to 70+ AI models and provides tools for reading, searching, editing, and executing code directly in your terminal.

    botctl icon

    botctl

    A process manager CLI for autonomous AI agent bots with a terminal dashboard, web UI, and declarative BOT.md configuration.

    Browse all tools

    Related Topics

    Command Line Assistants

    AI-powered command-line assistants that help developers navigate, search, and execute terminal commands with intelligent suggestions and context awareness.

    186 tools

    Application Security

    AI tools for securing software applications and identifying vulnerabilities.

    101 tools

    AI Coding Assistants

    AI tools that help write, edit, and understand code with intelligent suggestions.

    652 tools
    Browse all topics
    Back to all toolsSuggest an edit
    ratings
    discussions