43 lines
1.5 KiB
Markdown
43 lines
1.5 KiB
Markdown
# exc-safety
|
|
|
|
**Permission gate for `exc` CLI commands in [pi](https://pi.dev).**
|
|
|
|
The same safety model that powers the [Excloud](https://excloud.in) console agent, now running locally in your terminal. Every `exc` command the LLM tries to run is classified and gated before it ever hits the wire.
|
|
|
|
## How it works
|
|
|
|
| Classification | Behavior |
|
|
|---|---|
|
|
| **Read-only** (`list`, `get`, `capacity`, `seriallogs`, `metrics`, `health`, `localip`, `me`, `quota`, `version`) | ✅ Runs immediately |
|
|
| **`--help` / `-h`** | ✅ Always allowed — never hits the API |
|
|
| **Mutating** (`create`, `update`, `exec`, `scp`, `resize`, …) | ⚠️ Confirmed in `strict` mode; auto-allowed in `relaxed` |
|
|
| **Destructive** (`delete`, `terminate`, `release`, `revoke`, `disassociate`, `unprotect`, `remove`) | 🔴 Always confirmed |
|
|
|
|
The allowlist is the same set used by the Excloud agent backend — union of every read-only verb from the live OpenAPI surface plus CLI-only commands.
|
|
|
|
## Safety modes
|
|
|
|
Toggle at any time with `/exc-safety`:
|
|
|
|
| Mode | Behavior |
|
|
|---|---|
|
|
| `relaxed` *(default)* | Only destructive commands require confirmation |
|
|
| `strict` | Every mutating command requires confirmation |
|
|
| `off` | No interception — all commands pass through |
|
|
|
|
## Install as a pi package
|
|
|
|
```bash
|
|
pi install git:git.excloud.dev/excloud-in/exc-safety
|
|
```
|
|
|
|
Or project-local (committed with your team's `.pi/settings.json`):
|
|
|
|
```bash
|
|
pi install -l git:git.excloud.dev/excloud-in/exc-safety
|
|
```
|
|
|
|
## License
|
|
|
|
MIT — see [LICENSE](./LICENSE).
|