bash-vet-mcp
JSON →MCP server that vets LLM-emitted shell commands BEFORE execution. 30 detection rules across destructive file ops, package managers, system, database, git, network, exfiltration, privilege escalation. Sub-second, local, free.
Install
pip install bash-vet-mcp Tools · 1
- vet_command_chain Vets a shell command chain for destructive operations before execution. Detects rm -rf, package-manager glob removal, filesystem destruction, privilege escalation, network-exfil, chained shutdown/reboot, and git destructive ops. Returns verdict (BLOCK/ALLOW), risk_score, findings with severity levels, and recommendations.