Stats
Actions
Tags
From toolkit
Run commands in a sandboxed bash environment (read-only FS, no network)
How this command is triggered — by the user, by Claude, or both
Slash command
/toolkit:just-bash [bash command or task description to run safely in sandbox]This command is limited to the following tools:
The summary Claude sees in its command listing — used to decide when to auto-load this command
# Just Bash - Sandboxed Execution
Run the user's command or task inside the `just-bash` sandbox. This provides a read-only filesystem, no network access, and in-memory-only writes.
## User's Request
$ARGUMENTS
## How to Execute
Translate the user's request into one or more `just-bash` commands and run them via the Bash tool.
### Command Format
### Key Options
- `--root <path>` - Mount a specific directory (default: cwd). Always set this to the project root.
- `--allow-write` - Enable in-memory writes (safe, nothing reaches disk)
- `--json` - Output as JSON: `{"stdout", "stderr", "...Run the user's command or task inside the just-bash sandbox. This provides a read-only filesystem, no network access, and in-memory-only writes.
$ARGUMENTS
Translate the user's request into one or more just-bash commands and run them via the Bash tool.
# Simple command
just-bash -c 'COMMAND' --root /path/to/project
# Multi-line script
just-bash -c '
COMMAND1
COMMAND2
' --root /path/to/project
# When writes are needed (in-memory only, nothing touches disk)
just-bash --allow-write -c 'COMMAND' --root /path/to/project
# JSON output for structured results
just-bash --json -c 'COMMAND' --root /path/to/project
--root <path> - Mount a specific directory (default: cwd). Always set this to the project root.--allow-write - Enable in-memory writes (safe, nothing reaches disk)--json - Output as JSON: {"stdout", "stderr", "exitCode"}-e, --errexit - Exit on first error--python - Enable python3awk sed grep egrep fgrep rg cut tr sort uniq wc head tail tac rev nl fold column comm join paste split stringsjq (JSON - older build, no -R/-s flags) xan (CSV)ls find cat cp mv rm mkdir rmdir ln touch chmod stat file tree du basename dirname readlinkgzip gunzip zcat tarmd5sum sha1sum sha256sum base64date seq expr env printenv whoami hostname sleep timeout time which xargs tee diffyq - "Dynamic require of process" errorsqlite3 - "DataView constructor" error<() syntax)jq missing -R (raw input) and -s (slurp) flagstree missing some flags (e.g. --dirsfirst)--root to scope to the correct project directoryjust-bash -c '...' callyq or sqlite3 - they are broken in v1.0.0npx claudepluginhub ruizrica/toolkit --plugin toolkit/pwsh-scriptCreates, reviews, or optimizes bash/shell scripts with 2025 best practices, ShellCheck compliance, error handling, security checks, and cross-platform support.
/validate-skillsValidates bash/shell code blocks in plugin markdown command/skill files or specified paths/directories using static analysis (bash -n, shellcheck), safety tiering, safe execution for green-tier, and AI review. Outputs report or JSON with --json.
/simpleExecutes simple shell commands, file reads, git operations, or npm runs directly via standard Claude Code, bypassing RLM orchestration.
/cliSelects and executes optimal CLI tools for a given task using terminal-native expert patterns, with optional preference like 'modern' or 'standard'.
/guardActivates safety guardrails that block destructive Bash commands (rm -rf), SQL drops (DROP TABLE), git force-pushes, and optionally restrict file edits to a directory. Explains each block.
/taskLaunches dedicated agent to autonomously execute complex search, investigation, and analysis tasks using multiple tools. Supports --background for long-running monitoring with progress reports.