Skip to content
BlastShield

BlastShield is in beta and may contain bugs. Validate it in a non-production environment before relying on it for safety-critical workflows.

BlastShield

Shrink the blast radius of your agentic engineering.
Get Started GitHub

Read-Only by Default

Section titled “Read-Only by Default”

BlastShield enforces a default-deny posture for cloud CLIs. Read operations such as list, describe, get, and plan pass through automatically. Mutating commands such as terraform apply and gcloud deploy are blocked or forced back to the user.

The agent inspects and plans. You execute.

Two Layers of Defense

Section titled “Two Layers of Defense”

Layer 1: sandbox-exec profiles

Section titled “Layer 1: sandbox-exec profiles”

Kernel-level filesystem restrictions keep agents away from credential files, state, and protected paths.

Layer 2: command-argument guard

Section titled “Layer 2: command-argument guard”

Runtime guard wrappers intercept dangerous subcommands before they reach Terraform, gcloud, kubectl, and other CLIs.

Quick Start

Section titled “Quick Start”
Terminal window
git clone https://github.com/cdrxyz/blastshield.git
cd blastshield
export PATH="$PWD:$PATH"
blastshield claude --dangerously-skip-permissions