{"id":49686617,"url":"https://github.com/sezaakgun/yolonot","last_synced_at":"2026-05-07T10:01:50.437Z","repository":{"id":350277531,"uuid":"1206067868","full_name":"sezaakgun/yolonot","owner":"sezaakgun","description":"Smart auto-mode for Claude Code. The safe alternative to --dangerously-skip-permissions.","archived":false,"fork":false,"pushed_at":"2026-04-17T12:48:04.000Z","size":6486,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-17T14:23:12.829Z","etag":null,"topics":["claude-code","cli","developer-tools","go","llm","security"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sezaakgun.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-04-09T14:43:31.000Z","updated_at":"2026-04-17T12:48:06.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/sezaakgun/yolonot","commit_stats":null,"previous_names":["sezaakgun/yolonot"],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/sezaakgun/yolonot","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sezaakgun%2Fyolonot","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sezaakgun%2Fyolonot/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sezaakgun%2Fyolonot/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sezaakgun%2Fyolonot/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sezaakgun","download_url":"https://codeload.github.com/sezaakgun/yolonot/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sezaakgun%2Fyolonot/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32732349,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-07T02:14:30.463Z","status":"ssl_error","status_checked_at":"2026-05-07T02:14:29.405Z","response_time":62,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["claude-code","cli","developer-tools","go","llm","security"],"created_at":"2026-05-07T10:01:46.817Z","updated_at":"2026-05-07T10:01:50.404Z","avatar_url":"https://github.com/sezaakgun.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"assets/logo.png\" alt=\"yolonot\" width=\"180\"\u003e\n\u003c/p\u003e\n\n\u003ch1 align=\"center\"\u003eyolonot\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\n  Smart auto-mode for AI coding assistants. The safe alternative to \u003ccode\u003e--dangerously-skip-permissions\u003c/code\u003e.\u003cbr\u003e\n  Built for Claude Code. Also works with Codex CLI, OpenCode, Gemini CLI, and Cursor.\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/badge/license-MIT-blue.svg\" alt=\"License\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/sezaakgun/yolonot/actions\"\u003e\u003cimg src=\"https://github.com/sezaakgun/yolonot/actions/workflows/test.yml/badge.svg\" alt=\"Tests\"\u003e\u003c/a\u003e\n  \u003cimg src=\"https://img.shields.io/badge/go-1.25+-00ADD8.svg\" alt=\"Go 1.25+\"\u003e\n\u003c/p\u003e\n\n---\n\nyolonot sits between your AI coding assistant and your shell. It uses an LLM to classify every Bash command as **safe** (allow) or **needs-review** (ask), with session memory so approved commands don't ask twice and rejected commands stay blocked. Deny rules give you absolute blocks nothing can override.\n\n\u003e **Claude Code first.** yolonot was designed for Claude Code and that's where it gets the richest UX (full allow/ask/deny). Cursor, Codex CLI, OpenCode, and Gemini CLI adapters ship in-tree but have upstream hook-API limitations — see [docs/harnesses.md](docs/harnesses.md) for each host's caveats.\n\n\u003e **⚠ LLMs are not deterministic.** yolonot's classifier is a probabilistic safety net, not a guarantee. Models hallucinate, miss context, and can be tricked by adversarial prompts. Use yolonot at your discretion: keep your own judgment in the loop, write **deny rules** for anything you truly never want run (rules beat the LLM, always), and don't treat it as a substitute for reviewing what your AI assistant is doing. If yolonot allows a destructive command, **you** are still the one who installed it on your machine.\n\n## Quick start\n\n### 1. Pick an LLM provider\n\n| Provider | Cost | Latency | Key |\n|----------|------|--------:|-----|\n| **OpenAI** `gpt-5.4-mini` | ~10¢/day | ~500ms | `OPENAI_API_KEY` |\n| **Ollama** `gemma4:e4b` | free | 2–10s | — (local) |\n| **Claude Code** (default) | free | ~10s | — (subscription) |\n\nFull matrix in [docs/providers.md](docs/providers.md).\n\n### 2. Install\n\n```bash\ngo install github.com/sezaakgun/yolonot@latest\n\n# Make sure Go bin is in PATH\nexport PATH=\"$PATH:$(go env GOPATH)/bin\"\n\n# First-run wizard: hooks + rules + provider pick\nyolonot setup\n```\n\n### 3. Restart your host CLI\n\nHooks are read at startup, so restart Claude Code (or whichever harness you're using) to activate yolonot.\n\nThat's it. Every Bash command now runs through [the pipeline](docs/how-it-works.md).\n\n## Docs\n\n| Topic | File |\n|-------|------|\n| How the pipeline decides — layers, hook ordering, pausing, dry-run | [docs/how-it-works.md](docs/how-it-works.md) |\n| All CLI + `/yolonot` skill commands | [docs/commands.md](docs/commands.md) |\n| `.yolonot` rule files — format, walk-up, messages, redirects, sensitive files | [docs/rules.md](docs/rules.md) |\n| Pre-check hooks — `fast-allow` internals, Dippy integration, security model | [docs/pre-check.md](docs/pre-check.md) |\n| Risk tiers — per-harness action policy, overrides | [docs/risk-tiers.md](docs/risk-tiers.md) |\n| LLM providers — matrix, env vars, response schema | [docs/providers.md](docs/providers.md) |\n| Harnesses — install flags, runtime pinning, per-host caveats | [docs/harnesses.md](docs/harnesses.md) |\n| Analytics — `yolonot log`, `stats`, `suggest`, quiet mode | [docs/analytics.md](docs/analytics.md) |\n| Eval suite — test prompt quality across models | [docs/eval.md](docs/eval.md) |\n| Architecture — code layout, data directory | [docs/architecture.md](docs/architecture.md) |\n\n## Uninstall\n\n```bash\nyolonot uninstall    # removes hooks + skill, preserves data\n```\n\nData at `~/.yolonot/` is preserved. Delete manually if wanted.\n\n## Acknowledgements\n\nThe built-in `fast-allow` pre-checker is heavily inspired by [**Dippy**](https://github.com/lilydayton/dippy) by Lily Dayton — specifically its `SIMPLE_SAFE` allowlist, subcommand-gating approach for multiplex tools (`git`, `docker`, `kubectl`, …), and its hostile-input test corpus. yolonot ports the allowlist tables into Go and re-walks the AST via [`mvdan.cc/sh`](https://github.com/mvdan/sh) instead of Dippy's hand-written Python bash parser (Parable). Where yolonot's parser reaches ambiguity it defers to the LLM — a fallback Dippy doesn't rely on — so the Go port can be stricter (reject-to-LLM) without hurting UX. The `dippy_parity_test.go` corpus and the rules system owe a direct debt to the Dippy project. MIT-licensed, credited in file headers.\n\n## License\n\nMIT. See [LICENSE](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsezaakgun%2Fyolonot","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsezaakgun%2Fyolonot","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsezaakgun%2Fyolonot/lists"}