What happened
Manuel Schipper released 'nah', an open-source, context-aware safety guard for Anthropic's Claude Code. 'nah' intercepts tool calls before execution, using a deterministic structural classifier to categorise commands by action type, such as filesystem_delete or git_history_rewrite. It inspects Bash, Read, Write, Edit, Glob, and Grep operations, checking sensitive paths, project boundaries, and content for risks like data exfiltration. For ambiguous cases, 'nah' can optionally consult an LLM, blocking actions like rm ~/.bashrc or git push --force while allowing safe operations.
Why it matters
This release enhances security and control for developers and security architects using Claude Code, moving beyond its basic allow/deny permissions. 'nah' prevents LLMs from executing "technically allowed but contextually wrong" commands, reducing the risk of accidental data loss or system compromise. For platform engineers, it offers granular policy enforcement, allowing teams to define precise rules for sensitive operations and content inspection, which was previously difficult with Claude Code's default settings. This follows Anthropic's recent focus on Claude Code security, providing an external, configurable layer of defence.
Subscribe for Weekly Updates
Stay ahead with our weekly AI and tech briefings, delivered every Tuesday.
