Tools
Rust 'Destructive Command Guard' Blocks rm -rf and DROP TABLE From Agents in Sub-Millisecond Time
Destructive Command Guard (dcg) is a Rust safety hook that sits between coding agents and the shell, catching commands like `rm -rf ./`, `git reset --hard`, `DROP TABLE`, or `kubectl delete namespace production` before they execute. It uses SIMD-accelerated regex with a quick-reject path for sub-millisecond latency, scans heredocs and inline scripts for hidden destructive patterns, and ships 50+ security packs (git, filesystem, Postgres, Docker, Kubernetes, AWS/GCP/Azure). It jumped onto GitHub Trending this week (~3.2K stars, +481 in a day) as agent-safety tooling gains urgency.
↳ Follow the thread