init

README.md

@@ -0,0 +1,42 @@
+# exc-safety
+
+**Permission gate for `exc` CLI commands in [pi](https://pi.dev).**
+
+The same safety model that powers the [Excloud](https://excloud.in) console agent, now running locally in your terminal. Every `exc` command the LLM tries to run is classified and gated before it ever hits the wire.
+
+## How it works
+
+| Classification | Behavior |
+|---|---|
+| **Read-only** (`list`, `get`, `capacity`, `seriallogs`, `metrics`, `health`, `localip`, `me`, `quota`, `version`) | ✅ Runs immediately |
+| **`--help` / `-h`** | ✅ Always allowed — never hits the API |
+| **Mutating** (`create`, `update`, `exec`, `scp`, `resize`, …) | ⚠️ Confirmed in `strict` mode; auto-allowed in `relaxed` |
+| **Destructive** (`delete`, `terminate`, `release`, `revoke`, `disassociate`, `unprotect`, `remove`) | 🔴 Always confirmed |
+
+The allowlist is the same set used by the Excloud agent backend — union of every read-only verb from the live OpenAPI surface plus CLI-only commands.
+
+## Safety modes
+
+Toggle at any time with `/exc-safety`:
+
+| Mode | Behavior |
+|---|---|
+| `relaxed` *(default)* | Only destructive commands require confirmation |
+| `strict` | Every mutating command requires confirmation |
+| `off` | No interception — all commands pass through |
+
+## Install as a pi package
+
+```bash
+pi install git:github.com/excloud-in/exc-safety
+```
+
+Or project-local (committed with your team's `.pi/settings.json`):
+
+```bash
+pi install -l git:github.com/excloud-in/exc-safety
+```
+
+## License
+
+MIT — see [LICENSE](./LICENSE).