macOS · Claude Code · v0.1.0

Know before
it runs.

Intracept intercepts every Bash command Claude Code wants to execute, translates it to plain English, and asks before anything irreversible happens. Locally. Instantly. No LLM.

$brew tap laurenalexander2/tap
$brew install --cask intracept

macOS 12+ · No prerequisites

Claude Code
claude $ optimize the build cache
Running: rm -rf /tmp/build
❯|Delete the /tmp/build directory recursively
rm -rf /tmp/build
git statusallowed
cargo build --releaseallowed
npm run lintallowed

How it works

01

Intercept

Intracept registers a PreToolUse hook in Claude Code. Every Bash command passes through a compiled Rust binary before Claude executes it.

02

Translate

The command is matched against 100+ Rust regex patterns and rendered to plain English in under a millisecond. No network call. No LLM.

03

Decide

Routine commands run uninterrupted. Dangerous ones pause for your approval — with the raw command, the translation, and a path to more detail.

Translation

Every command, in plain English.

rm -rf node_modules❯|Delete the node_modules directory recursivelyask
git push --force origin main❯|Force push to origin/main, overwriting remote historyask
curl https://example.com/install.sh | sh❯|Download and execute a remote shell scriptcritical
git status❯|Check working tree statusallow
cargo test --workspace❯|Run the full test suiteallow
DROP TABLE users❯|Permanently delete the users table and all its datacritical

Features

Plain-English translations

rm -rf /tmp/build becomes "Delete the /tmp/build directory recursively." Every command, readable before you decide.

Risk-aware defaults

50 built-in rules. Destructive operations pause; git status, cargo build, and npm run pass through silently.

Local

Zero network, zero LLM

Pattern matching runs in Rust, compiled into the binary. Translation takes under a millisecond and never leaves your machine.

Hot-reload policy

Edit ~/.intracept/policy.yaml and changes apply to the next command. No restart, no recompile.

More info on demand

Not sure what a command does? Click More info — Claude explains exactly what it does, what can go wrong, and safer alternatives.

Full audit trail

Every decision — allow, deny, approved, cancelled — logged to SQLite and streamed to the dashboard in real time.

Policy

Your rules,
your call.

Policy is a YAML file in ~/.intracept/policy.yaml. Rules match glob patterns against commands — first match wins.

  • 50 built-in rules, zero configuration required
  • Three verdicts: allow, require_approval, deny
  • Edit the file — changes apply to the next command
  • Built-in UI editor with live validation
~/.intracept/policy.yaml
version: 1
rules:

  # Always block — no way to undo
  - pattern: "rm -rf *"
    verdict: require_approval

  - pattern: "git push --force*"
    verdict: require_approval

  - pattern: "sudo *"
    verdict: require_approval

  # Routine dev work — runs silently
  - pattern: "cargo *"
    verdict: allow

  - pattern: "git push*"
    verdict: allow

default_verdict: allow

One command.

macOS 12+. No prerequisites. Hook registration is automatic.

$ brew tap laurenalexander2/tap
$ brew install --cask intracept

Or build from source:

$ git clone https://github.com/laurenalexander2/intracept
$ make build && make install
View on GitHubDocumentation →