Back to feed
Dev.to
Dev.to
5/9/2026
shk: A Local-First Security Guardrail CLI for AI Coding Agents

shk: A Local-First Security Guardrail CLI for AI Coding Agents

Short summary

shk is a local-first CLI for scanning secrets and PII before sharing context with AI coding agents like Claude Code, Cursor, and Codex. It offers secret masking, managed hooks for audit/blocking, and Git/CI integration through a single policy file. Install via curl/PowerShell and run 'shk init' followed by 'shk scan .' to secure your AI workflows.

  • Pre-commit security scanner designed for AI coding agent workflows, not just Git commits
  • Integrated hooks for Claude Code, Cursor, and Codex with audit and blocking modes
  • Single policy file with CLI masking, managed hooks, and GitHub Actions support

Generated with AI, which can make mistakes.

#ai-tools#ai-agents#open-source
Read full article at Dev.to

Is this a good recommendation for you?

Explore more

Why I Stopped Letting Claude Shell Out for Security Scans
Dev.to
Security in the Age of Coding Agents
Dev.to
AI-Generated Code Is Merging Into Your Main Branch. Are You Sure It's Safe?
Dev.to
A pragmatic threat model for AI coding agents, with controls you can ship today
Dev.to