One bad PowerShell command
can delete everything.
Terminal Guardian evaluates every command before it executes — and stops the ones that shouldn't run.
Local-first enforcement. No ML guesswork. No subscription. A policy-based safety layer for PowerShell 7+ on Windows — active before your finger leaves the Enter key.
- PowerShell 7+ (pwsh) required
- Local-first enforcement — no cloud dependency
- One-time payment — no subscription
- Delivered via Gumroad
What happens with one wrong command?
PowerShell is powerful by design. That's the problem. A single command can wipe directories, overwrite configs, or expose credentials — and undo is not always an option.
Destructive delete
A single destructive paste from an AI assistant, a tab-complete gone wrong, or a script targeting the wrong path. Gone.
Copy-paste from the browser
You copy a command from Stack Overflow or a blog post. You don't read the full flags. Or the page was modified. Paste-and-run is one of the most common sources of terminal accidents.
AI-generated commands
ChatGPT and Copilot generate plausible-looking PowerShell. They also hallucinate flags, target wrong paths, and omit safety qualifiers. Running AI output without a guardrail is a production risk.
Disk wipe and volume operations
Disk wipe and volume operations have irreversible effects. When run under automation or elevated sessions, the damage is instant and total.
Credential exposure in logs
Passwords, tokens, and API keys passed inline in commands end up in history files, audit logs, and CI outputs. Without redaction, sensitive data lives in your terminal trail.
Admin mistakes under pressure
Incident response, late-night deployments, rushed rollbacks. When you're moving fast in an elevated session, the probability of a catastrophic command is highest exactly when you can least afford it.
What Terminal Guardian helps stop
Every command is evaluated against your active policy before execution. Not after. Not in a log you review later. Before.
Destructive deletes
Recursive delete, recursive wipe, and disk-clearing operations — blocked or challenged by policy. Your production directories don't get deleted because a policy rule fires before the shell does.
Dangerous copy-paste
Commands pasted from browsers, docs, or chat tools are evaluated the same as any other command. If the pasted content triggers a policy rule, it gets challenged or blocked before execution.
Risky AI-generated commands
You use AI tools to write PowerShell. That's fine. Terminal Guardian acts as the safety layer between what the AI suggested and what your machine actually executes. Run AI output with a guardrail, not on faith.
Costly admin mistakes
Registry edits, service kills, database operations — challenged or blocked depending on your policy. The confirmation step isn't friction. It's the 2-second pause that separates an incident from a near-miss.
How it works
Terminal Guardian hooks into your PowerShell session and intercepts every command before execution. No ML. No heuristics. Rules-based policy that returns one of four deterministic outcomes.
Command clears policy.
Execution proceeds normally. Nothing visible to the user. Zero friction.
Elevated risk detected.
Execution continues but a visible warning is displayed and logged to the audit trail.
Confirmation required.
Execution pauses. Explicit confirmation needed. Outcome is logged either way.
Command halted.
Execution stopped. Policy rule name and actor logged to audit trail. Nothing runs.
Policy + Audit in one view
Active policy packs define what gets blocked, challenged, or allowed. Every event — with redacted secrets — is captured in a searchable audit trail. SHA-256 integrity verification confirms your policy hasn't been tampered with.
- SHA-256 policy manifest integrity verification
- Secret redaction on all log output
- Destructive command guardrails active by default
- Dry-run mode to preview policy outcome before execution
- Full governance trail for incident forensics
Active Policy Pack
✓ SHA-256 manifest verified
Recent Audit Events
Compliance Summary
– Full event trail retained
– Secret redaction enabled
– Enforcement mode: strict
See the block in action
Watch Terminal Guardian intercept a destructive command in real time — before a single file is touched.
Proof before promises
Every security claim on this page is backed by source code, passing automated tests, or both. Claims not supported by evidence are not made. verified-claims.json →
PowerShell module
Native pwsh module with module manifest, selftest, and profile hook installer.
TerminalGuardian.psd1 • TerminalGuardian.psm1
Denylist enforcement
13 shipped rules (TG-001–TG-013) covering destructive delete, disk wipe, format-volume, and recursive remove.
Rules/default-rules.json
JSON-first rule evaluation
Explicit JSON denylist rules are evaluated before any semantic pipeline stage. No command can bypass the denylist via a later stage.
Private/RuleEngine.ps1 — JSON before semantic
Action tiers: block • challenge • warn
Three distinct enforcement levels in the shipped ruleset. Block halts execution. Challenge requires confirmation. Warn alerts and logs.
default-rules.json — block, challenge, warn, allow
Audit logging
Every enforcement event written to a local log: timestamp, event type, severity, rule ID, and redacted command. Blocked events always logged.
Private/Logger.ps1 — guardian_YYYY-MM-DD.log
Secret redaction
Passwords, API keys, and tokens matching known patterns are replaced with [REDACTED] before any log write.
Private/Redaction.ps1 — pre-log scrub
Local-first enforcement path
Command evaluation, policy matching, and enforcement run entirely on the local machine. No command content is sent to a remote server during normal enforcement.
Private/RuleEngine.ps1 — local-only evaluation
Forced bypass audit logging
--TG-Force overrides a block or challenge — but is itself logged as a forced event at HIGH severity, unconditionally.
Private/Logger.ps1 — forced events always logged
Fail-closed rule load protection
If rule files are missing, unreadable, or malformed, all commands are blocked — not silently allowed. A CRITICAL audit event is written unconditionally.
test-failclosed.ps1 — 15 assertions, 0 failed
SHA-256 release checksum + integrity manifest
Every release ZIP has a published SHA-256 checksum. tg selftest compares local file hashes against the remote integrity manifest.
docs/CHECKSUMS.txt • Get-TGRemoteIntegrityManifest
Semantic pipeline error fail-closed
If the AST semantic analysis pipeline throws an unexpected error, the response is block — not allow. All pipeline errors default to the safe outcome.
Private/RuleEngine.ps1 — semantic try/catch → block
Clean automated test suite
Pester suite: 458 passed, 0 failed. Fail-closed assertions: 15 passed, 0 failed. Deterministic and reproducible from the installed module.
tests/ — Pester v3.4.0 • test-failclosed.ps1
v2.3.3 release SHA-256 checksum
14b4d6da1d8a888500463c66b592f63c9b95ea1c22620229f372a9411905205e TerminalGuardian_Windows_PowerShell_v2.3.3.zip
Verify: Get-FileHash -Algorithm SHA256 -LiteralPath .\TerminalGuardian_Windows_PowerShell_v2.3.3.zip
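To compare the download against the published value rather than reading two hashes by eye, the added example below (not part of the product or of the original page) parses a checksum line in the "hash, then file name" shape shown above and fails on a mismatch or a missing entry. Test-ReleaseChecksum is a hypothetical helper name, and the ZIP is assumed to be in the current directory.

```powershell
# Added example, not part of the Terminal Guardian distribution.
# Assumes checksum lines look like "<sha256-hex> <file name>", as shown above.
function Test-ReleaseChecksum {
    param(
        [Parameter(Mandatory)][string]$Path,             # downloaded ZIP
        [Parameter(Mandatory)][string[]]$ChecksumLines   # published checksum line(s)
    )
    $name = Split-Path -Leaf $Path
    foreach ($line in $ChecksumLines) {
        # 64 hex digits, whitespace, then the file name the hash belongs to
        if ($line -match '^\s*([0-9a-fA-F]{64})\s+(.+?)\s*$' -and $Matches[2] -eq $name) {
            $expected = $Matches[1]
            $actual = (Get-FileHash -Algorithm SHA256 -LiteralPath $Path -ErrorAction Stop).Hash
            return [pscustomobject]@{
                File     = $name
                Expected = $expected.ToLowerInvariant()
                Actual   = $actual.ToLowerInvariant()
                Match    = $actual -eq $expected          # -eq ignores case for strings
            }
        }
    }
    # No entry for this file name: never report success by default.
    throw "No checksum entry for '$name'; treat the download as unverified."
}

# The checksum line published on this page for v2.3.3.
$published = '14b4d6da1d8a888500463c66b592f63c9b95ea1c22620229f372a9411905205e TerminalGuardian_Windows_PowerShell_v2.3.3.zip'

$result = Test-ReleaseChecksum -Path .\TerminalGuardian_Windows_PowerShell_v2.3.3.zip -ChecksumLines $published
if (-not $result.Match) { throw "SHA-256 mismatch for $($result.File): do not install." }
$result
```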
Fail-closed: safe even when something breaks
A security tool that silently allows everything when it breaks is not a security tool. Terminal Guardian defaults to block — not allow — when an error occurs.
Rules file missing or malformed
If the default rules file is absent, unreadable, or contains invalid JSON — all commands are blocked with RuleId=FAIL-CLOSED. A CRITICAL audit event is written unconditionally. Verified by 15 automated assertions.
Semantic pipeline error
If the AST-based semantic analysis pipeline throws an unexpected error, the policy decision is block — not allow. All pipeline failures are safe by default (TgCode=TG-SEM-ERR).
Update-TerminalGuardianRules after fixing the rules file. Normal operation restores automatically on next load.
→ guardian_2026-05-29.log (written unconditionally)
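The sketch below shows the evaluation order and both fail-closed paths described above. It is an added example, not Terminal Guardian source code: the rule schema (id, pattern, action), the function names, the first-match-wins choice and the sample rule are assumptions; only the FAIL-CLOSED and TG-SEM-ERR identifiers come from this page.

```powershell
# Added illustration, not Terminal Guardian source. The rule schema (id, pattern,
# action), function names and sample rules are assumptions made for this example.
function Import-DemoRules([string]$Path) {
    try {
        $rules = @(Get-Content -LiteralPath $Path -Raw -ErrorAction Stop |
                   ConvertFrom-Json -ErrorAction Stop)
        if ($rules.Count -eq 0) { throw 'no rules in file' }
        foreach ($r in $rules) {
            if (-not $r.id -or -not $r.pattern -or
                $r.action -notin @('block', 'challenge', 'warn')) { throw 'bad rule entry' }
            [void][regex]::new($r.pattern)      # an invalid pattern throws here
        }
        return , $rules
    } catch { return $null }                    # any load problem => no rule set
}

function Test-DemoCommand([string]$Command, $Rules, [scriptblock]$Semantic) {
    if ($null -eq $Rules) {                     # fail closed: block everything
        return [pscustomobject]@{ Action = 'block'; RuleId = 'FAIL-CLOSED' }
    }
    foreach ($r in $Rules) {                    # stage 1: JSON denylist, first match wins
        if ($Command -match $r.pattern) {
            return [pscustomobject]@{ Action = $r.action; RuleId = $r.id }
        }
    }
    try {                                       # stage 2: semantic stage (stand-in)
        $verdict = & $Semantic $Command
        if ($verdict -notin @('allow', 'warn', 'challenge', 'block')) { throw 'bad verdict' }
        return [pscustomobject]@{ Action = $verdict; RuleId = 'SEMANTIC' }
    } catch {                                   # pipeline error => block, never allow
        return [pscustomobject]@{ Action = 'block'; RuleId = 'TG-SEM-ERR' }
    }
}

# Constructed sample data: one valid rule file and one truncated (malformed) file.
$good = Join-Path ([IO.Path]::GetTempPath()) 'demo-rules.json'
$bad  = Join-Path ([IO.Path]::GetTempPath()) 'demo-rules-bad.json'
'[{"id":"DEMO-001","pattern":"(?i)\\bRemove-Item\\b.*-Recurse","action":"block"}]' |
    Set-Content -LiteralPath $good
'[{"id":"DEMO-001","pattern":' | Set-Content -LiteralPath $bad

$rules = Import-DemoRules $good
Test-DemoCommand 'Remove-Item C:\data -Recurse -Force' $rules { 'allow' }   # denylist hit
Test-DemoCommand 'Get-ChildItem' $rules { 'allow' }                          # clears policy
Test-DemoCommand 'Get-ChildItem' $rules { throw 'AST failure' }              # semantic error
Test-DemoCommand 'Get-ChildItem' (Import-DemoRules $bad) { 'allow' }         # bad rule file
```

The denylist match returns before the semantic stage is ever invoked, so a permissive later stage cannot override it, and the only way to reach an allow is for both the rule load and the semantic stage to complete without error.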
Why you can trust it
A safety tool has to be trustworthy by design. Here is what Terminal Guardian is — and what it explicitly is not.
Local-first
Core enforcement runs entirely on your machine. No command content is uploaded during normal enforcement. No cloud dependency for enforcement to function.
Deterministic
No machine learning. No scoring that shifts over time. The same command against the same policy produces the same outcome. Always.
Auditable
Every command evaluation is logged — outcome, policy rule, actor, redacted secrets. You can answer "what ran, when, under which policy, with what result" after any incident.
Honest scope
It governs the PowerShell session it is loaded into. It is not antivirus, not EDR, not a backup system. It does exactly what it claims — no more.
Scope note — read this
Terminal Guardian is a guardrail, not a vault.
It governs the PowerShell workflow it is loaded into. It is not antivirus, EDR, or a replacement for backups, endpoint controls, or change-review process. It does not protect other shells, WSL, or non-PowerShell processes. If you need one of those things, this is not that product.
Full trust model and non-scope →
Who uses Terminal Guardian
If you run PowerShell on Windows and mistakes have consequences, this is built for you.
Individual user
PowerShell developers
You write scripts daily. You work in production directories. You use AI tools to generate commands faster. One mistake at the wrong time costs hours of recovery work — or worse.
Operations
IT admins
You manage multiple machines and need consistent, enforceable behavior. You want a policy layer that documents what happened during every admin session — without standing over every user.
Infrastructure
DevOps & infra engineers
You work with production environments. Elevated sessions, build agents, rollback scripts. The cost of a wrong command is a P1 incident. A guardrail running in the session before execution is exactly the right tool.
Security
Security-conscious teams
You need an audit trail. You need policy enforcement. You need to be able to show, after an incident, exactly what commands ran and what was blocked. Terminal Guardian gives you that for the PowerShell layer.
AI-assisted workflows
AI command users
You use ChatGPT, Copilot, or Claude to generate PowerShell. That's now normal. Terminal Guardian is the safety layer between what the AI suggests and what your machine executes. Use AI — just don't run it blind.
Service providers
MSP owners
You run PowerShell scripts across client machines. One technician running the wrong script on the wrong client environment is a liability. Policy enforcement and audit trails belong in your stack. Ask about team and MSP options →
Setup in under 2 minutes
Download from Gumroad, run one script, open a new pwsh window. Done.
1. Buy and download the ZIP from Gumroad. One-time purchase. No GitHub account required.
2. Extract the ZIP to any folder.
3. Run setup.cmd and close all PowerShell windows.
4. Open a new pwsh window and run: tg selftest
   All checks passing = clean install, enforcement active.
Simple, one-time pricing
No subscription. No renewal. Pay once, own it.
The math is straightforward.
A single production recovery incident — restoring deleted files, rolling back a bad script, tracing what ran — typically costs 4–8 hours of engineering time. At an average loaded rate, that's $600–$2,000 per incident. Terminal Guardian Personal is $49, once. The first blocked command pays for it.
Personal
one-time • 1 machine
- Full policy engine
- Default policy packs
- Audit trail
- Local-first enforcement
- tg selftest validation
Pro
one-time • up to 3 machines
- Everything in Personal
- Custom policy packs
- Log export tools
- Zero-trust policy template
- Priority email support
Team
one-time • up to 25 seats
- Everything in Pro
- Team policy management
- Centralized audit review
- Deployment guidance
- Coming soon
MSP / Enterprise
volume • contact us
- Unlimited seat licensing
- Custom policy engineering
- Dedicated support
- Volume pricing
- SLA options
All tiers: Windows only • PowerShell 7+ only • One-time payment • No subscription
Frequently asked questions
No. Terminal Guardian requires PowerShell 7+ (pwsh). It does not support Windows PowerShell 5.1. If your environment runs only 5.1, you need to upgrade to pwsh first.
No. Terminal Guardian is a command guardrail. It evaluates PowerShell commands before execution based on policy rules. It does not scan files, monitor processes, detect malware, or replace endpoint security tools. Use it alongside your existing security stack — it handles the PowerShell execution layer specifically.
Core enforcement is entirely local. No commands or audit data are sent to external servers during normal operation. The tg selftest command performs a cloud-verified integrity check to validate the install — that is the only network call, and it is optional. You can see the full trust model at trust-model.html.
Terminal Guardian governs the PowerShell session it is loaded into. If someone opens a new PowerShell session outside your profile, or uses another shell entirely (cmd, bash, WSL), enforcement does not apply. It is a guardrail for deliberate workflows — not a hard security boundary for a hostile actor with local access. We say this clearly because honesty about scope is part of the trust model.
Yes. Terminal Guardian intercepts every command in the session regardless of source — typed by hand, pasted from a browser, or generated by an AI tool. If you paste a ChatGPT-generated command that matches a block rule, it is blocked. The source of the command is irrelevant to the policy engine.
Not currently. Gumroad provides a refund window if you purchase and find it is not what you expected. Contact support@meanrobotics.com with any pre-purchase questions.
No. Terminal Guardian is Windows-only in its current release. If you are interested in macOS or Linux support, use the form below to register interest — that helps determine priority for future platform expansion.
Stop the next bad command
before it runs.
Available now on Gumroad. One-time purchase. Download, run tg selftest, and enforcement is active.
v2.3.3 • Windows • PowerShell 7+ only • No subscription
Not on Windows? Interested in team licensing?
Leave your email and we'll notify you when Linux support or team features ship. No spam. Unsubscribe anytime.
Your email client should be opening.
Complete and send the message to join the waitlist. If your email client didn't open, email support@meanrobotics.com directly with subject Waitlist Interest.