Govern Claude Code's agent the way you govern production agents. This plugin blocks the things you do not want an autonomous agent doing on your machine, locally and offline, and (optionally) mints a signed, offline-verifiable proof that the session was governed.
It blocks, before the action runs:
- Destructive commands (
rm -rf,git push --force,DROP TABLE,curl ... | sh) - Secret exfiltration (a command or file write that ships an API key, token, or
.env) - Prompt-injected tool results (a poisoned MCP reply or fetched page steering the agent)
Local blocking runs fully offline with no account and no API key. It is a thin,
self-contained wrapper around the published @axiorank/coding-guard,
which bundles the zero-dependency AxioRank detection engine.
This repo is both the plugin and a one-plugin marketplace:
/plugin marketplace add AxioRank/claude-plugin
/plugin install axiorank@axiorank
Restart or run /reload-plugins. Local blocking works immediately. To try it without
installing, run claude --plugin-dir ./ from a clone.
| Component | What it does |
|---|---|
hooks/hooks.json |
Runs the guard on PreToolUse, PostToolUse, and Stop. |
scripts/guard.sh |
Shim that prefers the vendored bin/guard.mjs (offline) and falls back to npx @axiorank/coding-guard; passes --agent claude-code. Fail-open. |
bin/guard.mjs |
Vendored coding-guard CLI (zero deps; runs on node). |
.mcp.json |
Registers AxioRank's remote MCP server (optional; needs AXIORANK_API_KEY). |
skills/coding-guard |
Model-invoked reference for what the guard blocks and how sealing works. |
/axiorank:verify-seal |
Verify the Coding Session Seal offline. |
/axiorank:governance |
Show the current session's governance status. |
Set an API key and each session is reported to your AxioRank workspace and sealed at the end:
export AXIORANK_API_KEY="axr_live_..."Sessions then appear under Coding Sessions, and
a signed seal lands in <repo>/.axiorank/session-<id>.seal.json. Verify it offline:
npx -y @axiorank/audit-verify coding-seal .axiorank/session-*.seal.jsonLocal blocking and central audit are free (audit counts against your plan's normal event quota). The signed Coding Session Seal is a Team-plan feature.
bin/guard.mjs is vendored from @axiorank/coding-guard. After bumping that package, run
node scripts/sync-binary.mjs and commit the updated binary. Run claude plugin validate
before publishing.
MIT licensed. Part of AxioRank.