# exc-safety

**Permission gate for `exc` CLI commands in [pi](https://pi.dev).**

The same safety model that powers the [Excloud](https://excloud.in) console agent, now running locally in your terminal. Every `exc` command the LLM tries to run is classified and gated before it ever hits the wire.

## How it works

| Classification | Behavior |
|---|---|
| **Read-only** (`list`, `get`, `capacity`, `seriallogs`, `metrics`, `health`, `localip`, `me`, `quota`, `version`) | ✅ Runs immediately |
| **`--help` / `-h`** | ✅ Always allowed — never hits the API |
| **Mutating** (`create`, `update`, `exec`, `scp`, `resize`, …) | ⚠️ Confirmed in `strict` mode; auto-allowed in `relaxed` |
| **Destructive** (`delete`, `terminate`, `release`, `revoke`, `disassociate`, `unprotect`, `remove`) | 🔴 Always confirmed |

The allowlist is the same set used by the Excloud agent backend — union of every read-only verb from the live OpenAPI surface plus CLI-only commands.

## Safety modes

Toggle at any time with `/exc-safety`:

| Mode | Behavior |
|---|---|
| `relaxed` *(default)* | Only destructive commands require confirmation |
| `strict` | Every mutating command requires confirmation |
| `off` | No interception — all commands pass through |

## Install as a pi package

```bash
pi install git:github.com/excloud-in/exc-safety
```

Or project-local (committed with your team's `.pi/settings.json`):

```bash
pi install -l git:github.com/excloud-in/exc-safety
```

## License

MIT — see [LICENSE](./LICENSE).