manuelschipper

manuelschipper / nah

Public

Context-aware safety guard for Claude Code. A permission system you control.

273
11
100% credibility
Found Mar 12, 2026 at 244 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Python
AI Summary

nah is a safety guard that monitors and controls tool actions in AI coding environments like Claude Code to prevent harmful operations such as data deletion or exfiltration.

How It Works

1
🔍 Hear about safer AI coding

You discover nah while using your AI coding helper and worry about risky actions like deleting files or accessing secrets.

2
📥 Get the safety guard

Download and set it up in moments with a simple command, no hassle involved.

3
🛡️ Turn on protection

Activate the guard with one click, and it starts watching every action your AI tries to take.

4
🤖 Let AI code freely

Your AI helper runs commands like reading files or running tests, feeling secure knowing the guard is alert.

5
Guard checks the action
Safe action

It lets safe things like testing code go right through without interrupting.

Risky action

It pauses dangerous moves like deleting important files and asks for your confirmation.

6
🔧 Tweak if you want

Easily adjust rules for your projects, like trusting certain folders, to fit your needs perfectly.

🎉 Code worry-free

Enjoy powerful AI help that stays safe, protecting your files and secrets while boosting your productivity.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 244 to 273 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is nah?

nah is a Python safety guard for Claude Code that intercepts every tool call—Bash, Read, Write, Edit, Glob, Grep, and MCP tools—before execution, using context-aware classification to decide allow, ask, or block. It solves Claude's coarse allow/deny permissions by analyzing commands structurally: git push is fine, but --force asks; rm __pycache__ ok, but ~/.bashrc nah; plus content scans for secrets or malware in writes. Users get a controlled permission system with full logging, CLI testing like nah test "rm -rf /", and YAML config for custom rules.

Why is it gaining traction?

Zero-config start with profiles (full, minimal, none), a 5-minute /nah-demo of 25 threat cases, and optional LLM escalation via Ollama or OpenAI for ambiguous calls. CLI shines for dry-runs, rule tweaks (nah allow git_history_rewrite), and logs (nah log --blocks). Project .nah.yaml tightens global rules without supply-chain risks, perfect for context-aware safety in LLM coding agents.

Who should use this?

Claude Code users crafting complex prompts with Bash tools. Teams sharing AI-assisted repos needing exfil/data-loss guards. Devs benchmarking context-aware safety for large language models in agentic workflows.

Verdict

Essential for Claude Code heavyweights—installs clean, docs comprehensive, CLI intuitive. 192 stars and 1.0% credibility mark it alpha; run the demo and nah log before trusting in high-stakes setups.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.