I’m a Product Marketing Manager, not a professional engineer. I started 'vibe-coding' product hypotheses using Claude and Gemini to validate ideas fast.
But I quickly ran into a problem: I gave my AI agents too much freedom. In the heat of the moment, I’d rely on them to 'fix' a merge conflict, click 'Apply', and then watch in horror as they force-pushed broken history.
I realized a terrifying irony: I needed a safety layer against the very tools enabling me to build.
So I built SafeRun. It’s a middleware (CLI + Git Hooks) that intercepts destructive commands locally. It uses the Git `reference-transaction` hook (kernel level) to catch operations even if the agent tries to bypass shell aliases.
How it works:
1. Agent tries `git push --force` or `git reset --hard`
2. SafeRun blocks it locally (Zero-latency, no data sent)
3. It sends a Slack notification
4. You physically click "Approve" to let it pass
The client is Open Source (MIT) and works offline. The cloud part (for Slack alerts) is currently in public beta.
Since I'm a PMM "larping" as a dev—I’d really appreciate it if you could roast my code/architecture. Did I miss any obvious security holes?
cocabadger•1h ago
Repo: https://github.com/Cocabadger/saferun-api Site: https://saferun-landing.vercel.app
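A minimal `reference-transaction` hook of the kind the post describes, as an added example that is not taken from the SafeRun repository: it rejects local branch deletions and non-fast-forward moves such as a `git reset --hard` to an older commit. The function names and the `is_ancestor`/`current_value` wrappers are illustrative assumptions; the hook argument and stdin format are the ones documented in the githooks manual.

```shell
#!/bin/sh
# Added example for .git/hooks/reference-transaction (not SafeRun's code).
# Git runs the hook with one argument (prepared, committed or aborted) and
# writes one "<old-value> <new-value> <ref-name>" line per ref on stdin.

# Thin wrappers around git, kept separate so the decision logic is testable.
is_ancestor()   { git merge-base --is-ancestor "$1" "$2"; }
current_value() { git rev-parse --verify --quiet "$1"; }

# True for an all-zero object name (works for SHA-1 and SHA-256 repos).
is_zero() { case $1 in *[!0]*) return 1 ;; *) return 0 ;; esac; }

# classify_update OLD NEW REF: prints allow, block-delete or block-rewind.
classify_update() {
    old=$1 new=$2 ref=$3
    # Only local branches are guarded in this example.
    case $ref in refs/heads/*) ;; *) echo allow; return ;; esac
    # An all-zero old value means "created" or "forced without an expected
    # value"; the manual says to look up the ref's current value in that case.
    if is_zero "$old"; then
        old=$(current_value "$ref") || { echo allow; return; }
    fi
    if is_zero "$new"; then echo block-delete; return; fi
    # A fast-forward (old reachable from new) keeps history; anything else
    # drops commits from the branch, e.g. `git reset --hard HEAD~3`.
    if is_ancestor "$old" "$new"; then echo allow; else echo block-rewind; fi
}

# check_transaction: reads the hook's stdin, returns 1 if any line is blocked.
check_transaction() {
    rc=0
    while read -r old new ref; do
        verdict=$(classify_update "$old" "$new" "$ref")
        [ "$verdict" = allow ] && continue
        echo "blocked ($verdict): $ref $old -> $new" >&2
        rc=1
    done
    return $rc
}

# Git ignores the hook's exit status in every state except "prepared".
if [ "${1:-}" = prepared ]; then
    check_transaction || exit 1
fi
```

Because the file is an ordinary hook inside `.git/hooks`, any process with write access to the repository can edit or delete it.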