Back to feed
Dev.to
Dev.to
6/17/2026
Developer builds peek tool to

Developer builds peek tool to

Original: I stopped trusting curl | sh — so I built a tool that reads the script first

Short summary

A developer built peek, a 130-line POSIX shell script that audits remote install scripts before execution, scanning for risky patterns like sudo elevation, destructive file operations, obfuscated payloads, and credential access. peek assigns risk scores and blocks auto-run for dangerous scripts, making the `curl | sh` pattern safer by requiring human review. The tool is open-source, was AI-paired with Claude, and part of a wider suite of infrastructure-independent developer tools.

  • Built a security scanner (peek) that audits shell scripts before execution
  • Scans for risky patterns: sudo, rm -rf, eval, cron jobs, credential access
  • Open-source tool AI-paired with Claude; includes 11 other shell-based dev tools

Generated with AI, which can make mistakes.

#product-launch#open-source#ai-tools
Read full article at Dev.to

Is this a good recommendation for you?

Explore more

Why I Stopped Letting Claude Shell Out for Security Scans
Dev.to
shk: A Local-First Security Guardrail CLI for AI Coding Agents
Dev.to
Flibustier: Why We Built a Container Security Auditor in Pure Bash
Dev.to
I Built a Local Linux Binary Sandbox in Python — Zero Cloud, Zero Root
Dev.to