demo_cli is a small local proof-of-concept for AI coding agents. It checks risky commands before they run, previews what will be affected, captures a recovery point, and gives you one-command undo.
// early build · local demo · tell us what breaks
An agent can move from a harmless task to a destructive command like DELETE, DROP, terraform destroy, or kubectl delete faster than a human can review every step.
If the safety layer only says no, the agent stops mid-task, developers get frustrated, and the tool gets removed. The safer default should preserve momentum.
After a destructive command runs, knowing what happened is useful, but it is not recovery. You need a preview, a snapshot, and an undo path before the change lands.
demo_cli sits in front of commands an AI coding agent wants to run. Safe reads pass. Destructive commands get previewed, snapshotted, logged, and made undoable.
For destructive database commands, the hook converts the action into a preview so you can see which rows would be affected before the command runs.
When a command is recoverable, demo_cli captures a recovery point before the action executes, so a mistake does not have to become permanent.
After a risky action, the demo provides a one-command undo path and writes decisions to a hash-chained receipt log for later review.
The current demo focuses on one concrete mechanism: classify the command, preview destructive database changes, snapshot what can be recovered, and leave a receipt of the decision.
This demo is intentionally narrow: a local hook for AI coding agents, focused on destructive database commands, recoverable file targets, common infra commands, and a clear undo path.
# nothing leaves your machine - it is a local hook git clone https://github.com/WePwn/demo_cli cd demo_cli chmod +x start.sh ./start.sh # runs: local db setup, safe read, recoverable cleanup, context mismatch, undo
This is an early build. The goal is simple: show the mechanism, get feedback, and learn what should be supported next.
Open on GitHub → Share feedback →Local test database, destructive SQL preview, snapshot, undo.
Postgres and MySQL are the natural next step if the demo resonates.
Infra, shell, git, CI/CD and agent integrations based on feedback.
“The question we want feedback on: would preview, snapshot, undo and receipts make agent workflows safer without killing momentum?”
No. This is a rough proof-of-concept built to validate one mechanism: preview before destructive action, snapshot before change, undo after. Run it locally, break it, and tell us where it falls over.
A local hook checks a command before it runs. Safe reads are allowed immediately. Supported destructive commands can trigger a dry-run preview, a snapshot, a receipt entry, and an undo path. Nothing leaves your machine.
No. Those still matter. This demo explores one extra safety step: before a destructive command runs, make it previewable, recoverable, and auditable.
The repo shows a local test with Claude Code, but the idea is not tied to one agent. The hook is just a Python file you can place in front of commands during a local demo workflow.
Open an issue on GitHub. The most useful feedback is: what broke, what command should be supported next, whether the preview was clear, and what you would need before testing this near a real workflow.
The goal is feedback, not a polished launch. Try the demo, open an issue, and tell us where the mechanism breaks or what would make it useful.
This is an early local demo. Feedback on the hook, the preview, the undo flow, and missing command classes is the useful part right now.