Skip to content
Magic Shell

Safety Levels

Magic Shell includes a comprehensive safety analysis system that categorizes commands by risk level and can block dangerous operations.

Severity Levels

Section titled “Severity Levels”

Every command is analyzed and assigned a severity level:

Low

Section titled “Low”

Commands worth reviewing but generally safe.

Terminal window
git checkout main
npm install
ls -la

Behavior: Executed without confirmation in all safety modes.

Medium

Section titled “Medium”

Commands requiring elevated privileges or making notable changes.

Terminal window
sudo apt install nginx
chmod 755 script.sh
rm -rf node_modules/

Behavior: May require confirmation depending on safety level.

High

Section titled “High”

Commands with significant risk of data loss or system changes.

Terminal window
sudo rm -rf /var/log/*
kill -9 -1
shutdown -h now

Behavior: Requires confirmation in moderate and strict modes.

Critical

Section titled “Critical”

Commands that could cause irreversible system damage. These are always blocked.

Terminal window
rm -rf /           # Delete entire filesystem
:(){ :|:& };:      # Fork bomb
dd if=/dev/zero of=/dev/sda  # Overwrite disk
chmod -R 777 /     # Recursive permission change on root

Safety Modes

Section titled “Safety Modes”

Configure your preferred safety level:

Strict

Section titled “Strict”

Confirm all potentially risky commands (low and above).

Terminal window
msh --safety strict

Best for:

  • Learning environments
  • Production servers
  • Shared systems

Moderate (Default)

Section titled “Moderate (Default)”

Confirm high severity commands; critical commands are always blocked.

Terminal window
msh --safety moderate

Best for:

  • Daily development work
  • Personal machines
  • Balanced protection

Relaxed

Section titled “Relaxed”

Skip confirmations for most commands; critical commands are still blocked.

Terminal window
msh --safety relaxed

Best for:

  • Experienced users
  • Quick scripting
  • Trusted environments

Blocked Patterns

Section titled “Blocked Patterns”

Certain dangerous patterns are always blocked, regardless of safety level:

PatternRisk
rm -rf /Delete entire filesystem
rm -rf ~Delete home directory
:(){ :|:& };:Fork bomb
> /dev/sdaOverwrite disk
mkfs.*Format filesystem
wget | shPipe download to shell
curl | bashPipe download to shell
chmod -R 777 /Recursive root permission change

How Analysis Works

Section titled “How Analysis Works”

Magic Shell analyzes commands using:

  1. Pattern Matching: Regex patterns detect known dangerous commands
  2. Privilege Detection: Commands using sudo, doas, etc. are flagged
  3. Path Analysis: Operations on sensitive paths (/, /etc, /usr) are scrutinized
  4. Combination Detection: Dangerous flag combinations are identified

Dry-Run Mode

Section titled “Dry-Run Mode”

Use dry run to see safety analysis without executing:

Terminal window
msh -n "delete all log files older than 30 days"

Output includes:

  • The translated command
  • Severity level
  • Matched patterns (if any)
  • Whether confirmation would be required

Customization

Section titled “Customization”

Blocked Commands

Section titled “Blocked Commands”

Add custom patterns to block in your config:

{
  "blockedCommands": [
    "DROP TABLE",
    "TRUNCATE TABLE"
  ]
}

Confirmed Patterns

Section titled “Confirmed Patterns”

Track patterns you’ve previously confirmed:

{
  "confirmedDangerousPatterns": [
    "rm -rf node_modules"
  ]
}

Best Practices

Section titled “Best Practices”
  1. Start with strict mode when learning or on new systems
  2. Use dry run (-n) for unfamiliar queries
  3. Review commands before using -x flag
  4. Keep moderate mode for daily work
  5. Never bypass safety for commands you don’t understand