HackerTrans
TopNewTrendsCommentsPastAskShowJobs

otherland26

no profile record

Submissions

Show HN: HAL – Harmful Action Limiter: Lean command guard for AI coding agents.

github.com
3 points·by otherland26·4 mesi fa·9 comments

comments

otherland26
·4 mesi fa·discuss
Thanks! How do you mean?
otherland26
·4 mesi fa·discuss
Good question. If your threat model is “Claude does something dumb I’ll regret” HAL is enough and way less friction (one tool does one thing)
otherland26
·4 mesi fa·discuss
"Just use a deny list" is the other obvious response. You could. You'd need to write every rule yourself, maintain it, and accept that string-matching rm -rf will flag git commit -m 'fix rm -rf bug' as dangerous. Plus, this enables shared rules across our company’s engineers/teams
otherland26
·4 mesi fa·discuss
I built a thing. Relevant if you use Copilot or Claude Code in autopilot mode.

Copilot's hook system lets you intercept commands before they run, but it ships without any. No rules, no protection. If you don't install a hook, everything goes straight through.

I kept thinking about this after an agent ran rm -rf in one of my sessions.

So I wrote HAL. It sits in the hook, checks every command against a set of rules, and blocks the destructive ones. git reset --hard, rm -rf /, docker system prune -a that sort of thing. It knows --force is dangerous but --force-with-lease is fine. It knows rm -rf node_modules is safe but rm -rf src isn't.

You might say "I just won't use autopilot" or "I'll review each command myself." That works with one session. It doesn't work with several running in parallel.

And the thing that asks "allow Bash?" every time trains you to click yes without reading...

Also it parses commands as tokens, not strings. So git commit -m 'fix rm -rf bug' doesn't false-positive.

Rules are YAML files, not code. About 400 lines of Python total. Covers git, filesystem, Docker, AWS and Azure out of the box.

pip install openhal && hal install

Open source, contributions welcome https://github.com/otherland/hal