safe-chains
Agentic coding tools prompt you dozens of times for commands like git log --oneline | head -20, cargo test && cargo clippy -- -D warnings, or even find src -name "*.rs" -exec grep -l "TODO" {} \; | sort | while read f; do echo "=== $f ==="; grep -n "TODO" "$f"; done. You approve them all, and eventually stop reading the prompts, which is exactly when a destructive command slips through.
safe-chains parses these commands (pipes, chains, loops, subshells, nested wrappers) and auto-approves them when every segment is verifiably safe. The prompts that remain are the ones worth reading.
It covers 453 commands with flag-level validation, compound command parsing, and recursive subshell expansion, all deterministic, with no AI in the loop. If safe-chains isn’t sure, it doesn’t guess. It leaves the prompt for you.
safe-chains works as a Claude Code pre-hook, a CLI tool, or an OpenCode plugin.
Getting started
How it works
Command reference
- Overview — glossary and category index
- Adding Commands — how to contribute new commands