The Intracept Registry

An open-source, structured database of CLI command translations. Human-written. Deterministic. No LLM involved.

Every entry maps a CLI tool and its flags to a plain-English translation, a verdict (allow / require_approval / deny), and a rationale explaining why.

1,244
CLI tools
3,800+
flag definitions
100k+
translations
0
LLM calls

How it works

The registry is a collection of TOML files, one per CLI tool. Each file defines the tool, its subcommands, and every flag with:

Translation
Plain-English explanation of what the flag does in context
Verdict
allow, require_approval, or deny
Rationale
Why this verdict was assigned
Tags
Categories enabling policy rules (destructive, network, etc.)

When an agent runs a command, Intracept parses it, looks up matching entries in the registry, composes the translation from individual flag translations, and enforces the strictest verdict.

Example entry

Each tool is a single TOML file in the registry. Here is git push with four of its flags:

registry/git.toml
[tool]
name = "git"
description = "Distributed version control system"

[[tool.commands]]
name = "push"
description = "Upload local branch to remote"

[[tool.commands.flags]]
name = "--force"
aliases = ["-f"]
translation = "Overwrite the remote branch history with your local history, permanently discarding any commits on the remote that are not in your local branch"
verdict = "require_approval"
rationale = "Rewrites shared history; can cause data loss for collaborators"
tags = ["destructive", "remote"]

[[tool.commands.flags]]
name = "--no-verify"
translation = "Skip all pre-push hooks (linting, tests, security checks) and push directly"
verdict = "require_approval"
rationale = "Bypasses safety checks that may prevent pushing secrets or broken code"
tags = ["bypass-safety"]

[[tool.commands.flags]]
name = "--set-upstream"
aliases = ["-u"]
translation = "Push and set the remote branch as the default tracking branch for future push/pull"
verdict = "allow"
rationale = "Standard workflow operation with no destructive side effects"
tags = ["configuration"]

[[tool.commands.flags]]
name = "--delete"
aliases = ["-d"]
translation = "Delete the specified branch from the remote repository"
verdict = "require_approval"
rationale = "Permanently removes a remote branch; may affect other collaborators"
tags = ["destructive", "remote"]

Verdicts

Every flag in the registry is assigned exactly one verdict:

allow

Safe command. Auto-approved, no user interaction required. The translation is shown inline for visibility but execution is never blocked.

require_approval

Potentially dangerous. The translation is shown to the user and they must explicitly approve before the command runs. Most destructive, network, or privilege-escalating commands fall here.

deny

Blocked entirely. The command is never executed regardless of user input. Reserved for commands with no legitimate use in an agentic context (e.g., rm -rf /).

Tags

Tags categorize what a flag does. Organizations can write policy rules against tags (e.g., “deny all commands tagged data-exfiltration”).

destructiveDeletes or overwrites data irreversibly
networkSends data to or fetches from external hosts
privilege-escalationElevates permissions (sudo, chmod, etc.)
data-exfiltrationCould leak sensitive data to external systems
bypass-safetySkips hooks, checks, or verification steps
remoteModifies state on a remote server or service
configurationChanges system or tool configuration
filesystemReads, writes, or modifies files on disk

Contributing

The registry is open source and contributions are welcome. To add a new tool or flag translation:

  1. Fork intracept-registry
  2. Create or edit the TOML file for the tool (e.g., registry/kubectl.toml)
  3. Every flag entry must include: translation, verdict, and rationale
  4. Open a PR with a description of what the tool/flag does

Quality bar: Translations must be precise and unambiguous. They should explain what happens, not restate the flag name. “Force push” is not a translation; “Overwrite the remote branch history with your local history, permanently discarding any commits on the remote that are not in your local branch” is.

Browse the registry

View the full source, search entries, or contribute new translations.

github.com/laurenalexander2/intracept-registry