🛡️ DeployShield

DeployShield is a cross-platform production safety guardrail for Claude Code and Gemini CLI. It intercepts terminal commands before execution and blocks dangerous operations (writes, deletes, etc.) while allowing read-only commands to pass through.

🚀 Why DeployShield?

Large Language Models (LLMs) are incredibly capable but can accidentally execute destructive commands in production environments. DeployShield provides a deterministic safety layer that doesn't rely on probabilistic model instructions.

Deterministic Protection: Uses a curated safe-list of read-only subcommands.
Recursive Safety: Deeply scans subshells, backticks, sudo, and bash -c.
Context-Aware: Granular control—block writes in production while allowing them in dev.
Zero-Dependency: Fast, lightweight, and runs on any system with Python 3.8+.

🛠️ Supported Providers

Category	Guarded CLIs
☁️ Cloud	`aws`, `gcloud`, `az`, `kubectl`, `helm`
🗄️ Databases	`psql`, `mysql`, `mongosh`, `redis-cli`
🏗️ IaC	`terraform`, `pulumi`, `cdk`, `sam`, `serverless` (`sls`), `ansible-playbook`
📦 Publishing	`npm`, `yarn`, `pnpm`, `cargo`, `twine`, `gem`
🔧 Other	`vault`, `gh`, `docker`, `podman`

📥 Installation

Claude Code

/plugin marketplace add matanryngler/deployshield

Install the plugin:
```
/plugin install deployshield
```

Gemini CLI

Install directly via GitHub:

gemini extensions install https://github.com/matanryngler/deployshield

⚙️ Context-Aware Blocking

By default, DeployShield blocks ALL write operations. Create a .deployshield.json file to allow writes in non-production contexts.

Use Cases

🛡️ Safe Local Development: Allow destructive commands on your local machine or dev clusters, but keep the guardrails on for anything that touches production.
🤝 Team-Wide Guardrails: Commit a .deployshield.json to your project repository to ensure that every developer follows the same safety standards.
🏗️ CI/CD Migration: Force changes through PRs by blocking manual applies in production environments.

Examples

{
  "kubectl": ["prod-cluster", "production", "prod-*"],
  "aws": ["production-profile"],
  "terraform": ["prod-workspace"]
}

For detailed configuration options, see the Configuration Guide.

🛡️ Recursive Safety

DeployShield provides deep protection that handles common bypass attempts:

Nested Subshells: echo $(terraform destroy) → Blocked
Administrative Wrappers: sudo kubectl delete ... → Blocked
Execution Wrappers: echo pod-id | xargs kubectl delete pod → Blocked
Shell Wrappers: bash -c "aws s3 rm ..." → Blocked
Process Substitution: cat <(pulumi destroy) → Blocked

🤝 Contributing

This project uses uv for dependency management and pre-commit for quality control.

To understand how DeployShield works under the hood, check the Internals Guide.

# Run tests
uv run pytest -v

# Install pre-commit hooks
uv run pre-commit install

License

MIT

deployshield

Popularity

What's Inside

README

🛡️ DeployShield

🚀 Why DeployShield?

🛠️ Supported Providers

📥 Installation

Claude Code

Gemini CLI

⚙️ Context-Aware Blocking

Use Cases

Examples

🛡️ Recursive Safety

🤝 Contributing

License

Confidence

Similar Plugins

railguard

stallion

credential-guard

hs

gouvernai

warden