npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

claude-guard

v2.2.0

Published

Community Edition: Lightweight security wrapper for Claude CLI with Claude settings integration and pattern-based permissions

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

dwebdevdwebdev

Keywords

claudeclisecuritywrapperpattern-matchingclaude-settingsintegrationai-safety

Readme

Claude Guard

A simple security wrapper for Claude CLI that automatically blocks dangerous commands.

What it does

npm install -g claude-guard
claude-guard "help me debug this code"  # Same as claude, but safer

Instead of Claude running rm -rf / or reading your SSH keys, Claude Guard automatically blocks dangerous operations while allowing normal development tasks.

What this IS and ISN'T

✅ Good for:

  • Basic safety: Prevents rm -rf /, credential theft, obvious disasters
  • Development teams: Simple pattern-based blocking without complex setup
  • Drop-in replacement: Use claude-guard exactly like claude
  • Zero configuration: Works out of the box with sensible defaults

❌ NOT for:

  • Enterprise security: This is not enterprise-grade protection
  • Determined attackers: Basic pattern matching, not AI security analysis
  • Compliance: No central management, audit trails, or enterprise features
  • Perfect security: Can be bypassed by someone who really wants to

Perfect for: Small teams wanting basic safety rails
Not suitable for: Enterprise security requirements

Quick comparison

| Tool | Approach | Best for | | ---------------- | ---------------------- | -------------------- | | claude | No protection | Trusted environments | | claude-guard | Basic pattern blocking | Development teams | | Enterprise tools | Full security suite | Regulated industries |

Installation

# 1. Install Claude CLI first
npm install -g @anthropic-ai/claude-code

# 2. Install Claude Guard
npm install -g claude-guard

# 3. Use it exactly like claude
claude-guard "explain this error"

Features & Configuration

Command aliases

claude-guard @test     # Runs "run all tests in this project"
claude-guard @build    # Runs "build the project for production"
claude-guard @deploy   # Runs "deploy to production server"

Audit tools

claude-guard --audit-tail        # Show last 10 commands
claude-guard --verify-integrity  # Check for tampering

Configuration

claude-guard --config-init   # Create config file
claude-guard --list-aliases  # Show all aliases

⚡ NEW: Claude Settings Integration

Claude Guard now supports Claude's native settings.json format! Use your existing .claude/settings.json files directly:

{
  "permissions": {
    "allow": ["Bash(git *)", "Bash(npm *)", "Read(*)", "Edit(*)"],
    "deny": ["Bash(rm -rf /*)", "Bash(sudo rm -rf /*)"]
  }
}

Benefits:

  • Standards Compliance: Uses Claude's official settings format
  • Layered Security: Claude rules + additional guard patterns
  • Easy Migration: Existing .claude/settings.json files work immediately
  • Backwards Compatible: Guard-only mode preserved

Enable in ~/.claude/guard/config.json:

{
  "policies": {
    "useClaudeSettings": true,
    "claudeSettingsFirst": true
  }
}

For comprehensive configuration, check out claude-settings which provides 900+ curated development tool patterns.

🛡️ Security Approach

Default Allowed Actions

  • Development tools: npm, yarn, pip, cargo, go build
  • Version control: git commands, git operations
  • Containers: docker run, docker build, docker-compose
  • File operations: reading files, listing directories
  • Safe utilities: curl, wget (to known safe domains)

Default Blocked Actions

  • System destruction: rm -rf /, sudo rm, mkfs, format
  • Credential access: Reading /etc/passwd, SSH keys, environment secrets
  • Network attacks: Port scanning, suspicious downloads
  • Privilege escalation: Unauthorized sudo, system modifications

Warning Actions

  • Package installs: npm/pip/gem installs (warns but allows)
  • Git repository operations: In repository root (warns about destructive commands)
  • System tools: Some system utilities that could be misused

📋 Example Usage

Basic Commands

# Analyze code (same as Claude CLI)
claude-guard "explain this function"

# Debug assistance
claude-guard "help me fix this error: TypeError: Cannot read property"

# Code generation
claude-guard "create a REST API endpoint for user authentication"

Using Command Aliases

claude-guard @test     # Runs "run all tests in this project"
claude-guard @lint     # Runs "check code quality and style issues"
claude-guard @build    # Runs "build the project for production"
claude-guard @deploy   # Runs "deploy to production server"

Security & Audit Tools

# View recent command history
claude-guard --audit-tail

# Search for specific commands
claude-guard --audit-search "npm"

# Verify file integrity
claude-guard --verify-integrity

# View help and options
claude-guard --help

⚙️ Advanced Configuration

Create ~/.claude/guard/config.json for custom patterns:

{
  "version": "2.0",
  "policies": {
    "blockedPaths": ["/etc/**", "/System/**", "/usr/**"],
    "blockedCommands": ["rm -rf /", "sudo *", "dd if=*", "mkfs*"],
    "warnCommands": ["npm install", "pip install", "gem install"]
  },
  "audit": {
    "enabled": true,
    "maxDays": 30
  },
  "aliases": {
    "@test": "run all tests in this project",
    "@lint": "check code quality and style issues",
    "@build": "build the project for production",
    "@deploy": "deploy to production server",
    "@docs": "generate documentation for this project"
  }
}

🔍 Command Line Options

claude-guard --help              # Show help information
claude-guard --version           # Show version number
claude-guard --config            # Show config file location
claude-guard --config-init       # Create example config file
claude-guard --list-aliases      # Show all configured aliases
claude-guard --audit-tail        # Show last 10 audit entries
claude-guard --audit-search TERM # Search audit logs
claude-guard --verify-integrity  # Check file integrity

⚠️ Important Notes

  • Not enterprise-grade: This is a basic pattern-based security tool
  • No central management: Configuration is local to each machine
  • Requires Claude CLI: Must install @anthropic-ai/claude-code separately
  • Community support: Use GitHub issues for questions and bug reports

Credits

This tool is a community-built security wrapper for Claude CLI by Anthropic.

  • Claude CLI: © Anthropic PBC - The AI assistant this tool wraps
  • Claude Guard Community: MIT License (wrapper functionality only)

Disclaimer

Claude Guard is an independent community project and is not affiliated with, endorsed by, or sponsored by Anthropic PBC. Claude CLI must be installed separately from Anthropic.

License

MIT License - See LICENSE file for details.