deployshield

🛡️ DeployShield

DeployShield is a cross-platform production safety guardrail for Claude Code and Gemini CLI. It intercepts terminal commands before execution and blocks dangerous operations (writes, deletes, etc.) while allowing read-only commands to pass through.

🚀 Why DeployShield?

Large Language Models (LLMs) are incredibly capable but can accidentally execute destructive commands in production environments. DeployShield provides a deterministic safety layer that doesn't rely on probabilistic model instructions.

• Deterministic Protection: Uses a curated safe-list of read-only subcommands.
• Recursive Safety: Deeply scans subshells, backticks, sudo, and bash -c.
• Context-Aware: Granular control—block writes in production while allowing them in dev.
• Zero-Dependency: Fast, lightweight, and runs on any system with Python 3.8+.

---

🛠️ Supported Providers

Category	Guarded CLIs
☁️ Cloud	aws, gcloud, az, kubectl, helm
🗄️ Databases	psql, mysql, mongosh, redis-cli
🏗️ IaC	terraform, pulumi, cdk, sam, serverless (sls), ansible-playbook
📦 Publishing	npm, yarn, pnpm, cargo, twine, gem
🔧 Other	vault, gh, docker, podman

---

📥 Installation

Claude Code

1. Register the marketplace:

   /plugin marketplace add matanryngler/deployshield
   

2. Install the plugin:

   /plugin install deployshield
   

Gemini CLI

1. Install directly via GitHub:

   gemini extensions install https://github.com/matanryngler/deployshield
   

---

⚙️ Context-Aware Blocking

By default, DeployShield blocks ALL write operations. Create a .deployshield.json file to allow writes in non-production contexts.

Use Cases

• 🛡️ Safe Local Development: Allow destructive commands on your local machine or dev clusters, but keep the guardrails on for anything that touches production.
• 🤝 Team-Wide Guardrails: Commit a .deployshield.json to your project repository to ensure that every developer follows the same safety standards.
• 🏗️ CI/CD Migration: Force changes through PRs by blocking manual applies in production environments.

Examples

{
  "kubectl": ["prod-cluster", "production", "prod-*"],
  "aws": ["production-profile"],
  "terraform": ["prod-workspace"]
}

For detailed configuration options, see the Configuration Guide.

---

🛡️ Recursive Safety

DeployShield provides deep protection that handles common bypass attempts:

• Nested Subshells: echo $(terraform destroy) → Blocked
• Administrative Wrappers: sudo kubectl delete ... → Blocked
• Execution Wrappers: echo pod-id | xargs kubectl delete pod → Blocked
• Shell Wrappers: bash -c "aws s3 rm ..." → Blocked
• Process Substitution: cat <(pulumi destroy) → Blocked

---

🤝 Contributing

This project uses uv for dependency management and pre-commit for quality control.

To understand how DeployShield works under the hood, check the Internals Guide.

# Run tests
uv run pytest -v

# Install pre-commit hooks
uv run pre-commit install

License

MIT