Stop AI slop before it hits your codebase.

Deterministic checks that catch disasters. No AI required to run.

Works with Claude, GPT, Copilot, Cursor — any AI coding tool.

curl -fsSL https://raw.githubusercontent.com/forrest-aleq/guardian/main/install.sh | sh

Built for creators, not just coders

AI brought you back to building. Guardian keeps you shipping.

I used to code

You coded in the 80s or 90s. Now you're building again with Claude. Guardian catches what you might miss.

I don't know code

You're a founder or creator shipping with AI. When something breaks, Guardian tells you what to paste into Claude to fix it.

I move too fast

You're shipping features daily. Guardian is your safety net—42ms to catch what code review would miss.

0%

of AI coding failures are preventable

with traditional, deterministic checks

Real stories. Real prevention.

Claude deleted my entire home directory

Prevented by: dangerous-cmds

$3,600 bill from a stuck API loop

Prevented by: runaway detection

Shipped test@example.com to 10,000 users

Prevented by: mock-data

SQL injection

f-strings in database queries

cursor.execute(f"SELECT * FROM users WHERE id = {id}")

Destructive commands

rm -rf, DROP TABLE without safeguards

os.system(f"rm -rf {path}")

Hardcoded secrets

API keys and passwords in source

api_key = "sk-live-abc123def456"

Don't know how to fix it?

Guardian writes the prompt for you. Copy. Paste. Fixed.

Step 1: Run guardian prompt

$ guardian prompt
What do you need help with?
 
❯ I have issues and don't know how to fix them
I need to set up pre-commit
I don't understand the error
I want to change the rules

Step 2: Paste into Claude

Generated prompt (copied to clipboard)
I ran Guardian and it found problems:
 
src/api/users.py:34 - sql-injection
f-string in SQL query
src/api/users.py:89 - secret-pattern
Hardcoded API key detected
src/utils/cleanup.py:12 - dangerous-cmd
rm -rf without safeguard
 
Please fix each issue. After fixing,
run `guardian` to verify.

No more guessing. No more “how do I ask Claude to fix this?”

Guardian explains the problem and tells the AI exactly how to fix it.

Works with your stack

Python: FastAPI, Django, Flask
TypeScript: React, Node, Next.js
Go: Standard library
PHP: Laravel

Single binary. Zero dependencies.

Written in Go. Downloads in seconds, runs instantly. Pre-commit hooks catch issues before they land.

42ms to scan 10,000 files
Runs locally—no network, no cloud
macOS, Linux, Windows
Works offline, works everywhere
Binary size: <15MB
Dependencies: None
Language: Go

What Guardian catches

Fast, deterministic checks. No AI, no cloud.

Security

sql-injection: f-strings in SQL queries
secret-patterns: Hardcoded API keys, passwords
ban-eval: eval(), exec() usage
dangerous-cmds: rm -rf, DROP TABLE, DELETE FROM
subprocess-shell: shell=True in subprocess
mutable-default: def foo(items=[])

Code Quality

file-size: Files over 500 lines
func-size: Functions over 50 lines
mock-data: test@example.com, placeholder values
ban-except: Bare except: blocks
ban-print: print() / console.log() statements
todo-markers: TODO, FIXME, HACK comments

Optional

Bring your own AI key

Core checks run locally with zero dependencies. Optional AI features use your Gemini API key for smart config generation.

Your key, your control

Gemini API. ~$0.001 per use.

Smart config generation

Analyzes your codebase, suggests rules.

No account required for core features. AI is opt-in.

$ guardian init --smart
Smart Scan Results
 
Detected:
Language: Python
Framework: FastAPI
Source: src/
 
Recommendations:
+ Enable SQL injection checks
+ Enable async checks
+ Add mock patterns from codebase
 
Apply this configuration? (Y/n)

Ship with confidence

Never ask “did Claude break something?” again.

Terminal
# Install
$ brew install forrest-aleq/guardian/guardian
# Add to your project
$ guardian add python
# Run it
$ guardian

Also available via curl -fsSL https://raw.githubusercontent.com/forrest-aleq/guardian/main/install.sh | sh

Pre-commit integration

Guardian creates a .pre-commit-config.yaml that runs checks on every commit. Issues are caught before they reach your repository.

Blocks bad commits
Works with git hooks
CI/CD compatible

You own the checks

Guardian copies check scripts to your project. They're just Python files in .guardian/. Read them. Edit them. Add your own patterns.

No magic. No vendor lock-in. Open source.

.guardian/check_dangerous.py
# You can edit this
DANGEROUS_PATTERNS = [
    "rm -rf",
    "DROP TABLE",
    "DELETE FROM",
    # Add your own...
]
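
An added example, not Guardian's own check code: one way a deterministic check for the sql-injection rule could be written as a plain Python file, using the standard ast module instead of a pattern list. The function names, SQL_SINKS and the sample source are constructed for illustration, and the check also covers concatenation, % and .format(), which goes beyond the f-string case the page names.

```python
import ast

# Hypothetical names throughout; method names treated as query sinks.
SQL_SINKS = {"execute", "executemany"}


def is_dynamic_sql(node):
    """True when the query argument is assembled from runtime values."""
    if isinstance(node, ast.JoinedStr):
        # f-string with at least one {placeholder}
        return any(isinstance(v, ast.FormattedValue) for v in node.values)
    if isinstance(node, ast.BinOp) and isinstance(node.op, (ast.Add, ast.Mod)):
        # "..." + value  or  "... %s" % value
        return any(isinstance(s, ast.Constant) and isinstance(s.value, str)
                   for s in (node.left, node.right))
    if (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
            and node.func.attr == "format"):
        # "...{}".format(value)
        return isinstance(node.func.value, ast.Constant)
    return False


def find_sql_injection(source, filename="<string>"):
    """Return (filename, line, rule) for each query built by string formatting."""
    findings = []
    for node in ast.walk(ast.parse(source, filename)):
        if (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
                and node.func.attr in SQL_SINKS and node.args
                and is_dynamic_sql(node.args[0])):
            findings.append((filename, node.lineno, "sql-injection"))
    return sorted(findings)


# Constructed sample input: an f-string query, a concatenated query, a safe one.
SAMPLE = '''\
def get_user(cursor, id):
    cursor.execute(f"SELECT * FROM users WHERE id = {id}")

def get_by_name(cursor, name):
    cursor.execute("SELECT * FROM users WHERE name = '" + name + "'")

def get_user_safe(cursor, id):
    cursor.execute("SELECT * FROM users WHERE id = ?", (id,))
'''

if __name__ == "__main__":
    for path, line, rule in find_sql_injection(SAMPLE, "src/api/users.py"):
        print(f"{path}:{line} - {rule}")
```

The parameterized call on the last line of the sample passes because the query text is a constant and the value travels separately as a bound parameter.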