Skip to main content
Turen’s 61 command validation rules prevent AI agents from executing destructive or dangerous shell commands. These rules are evaluated before the command runs — if a rule matches, the command is blocked and never executed.

What’s Protected

Filesystem Destruction

Commands that could delete or corrupt files:
  • rm -rf / and variants targeting critical paths
  • mkfs — formatting disks
  • dd — raw device writes
  • shred — secure file deletion
  • Overwriting boot sectors or MBR

System Modification

Commands that alter system configuration:
  • chmod 777 — overly permissive file permissions
  • chown root — unauthorized ownership changes
  • sysctl — kernel parameter modification
  • Service management commands that could disable security tools

Database Operations

Destructive database commands:
  • DROP TABLE / DROP DATABASE
  • TRUNCATE
  • Unfiltered DELETE statements
  • Database dump to external locations

Git and Publishing

Dangerous version control and publishing operations:
  • Force pushes to protected branches
  • Publishing packages to registries
  • Releasing to package managers
  • Clearing command history

Process and Security

Commands that could compromise system security:
  • Killing security processes
  • Disabling firewalls
  • Modifying audit configurations

Example

When Claude Code attempts to run a blocked command, Turen intercepts it: 
Developer: "Clean up the old test database"
Claude: I'll drop the test tables...

BLOCKED: DROP TABLE command detected
   Rule: CMD-42 (Critical)
The command never executes. Claude Code receives feedback that the action was blocked and can suggest a safer alternative.

Customization

You can adjust command validation rules to fit your workflow:
  • Disable specific rules if your team routinely uses certain commands in a controlled environment
  • Create custom rules to block organization-specific dangerous patterns
See Custom Rules for instructions.