Terminal Guardian
Buy Now — $49
Windows • PowerShell 7+ • v2.3.3

One bad PowerShell command can delete everything.

Terminal Guardian evaluates every command before it executes — and stops the ones that shouldn't run.

Local-first enforcement. No ML guesswork. No subscription. A policy-based safety layer for PowerShell 7+ on Windows — active before your finger leaves the Enter key.

No cloud required No subscription One-time payment Ships validated v2.3.3
Get Terminal Guardian — $49 See How It Works
Instant ZIP download after purchase Setup in under 2 minutes Delivered via Gumroad
Proof of integrity & trust model →
PowerShell 7+ — Terminal Guardian active
PS C:\Prod> Import-Module TerminalGuardian
PS C:\Prod> Get-ChildItem C:\Services\*
ALLOW risk: low • policy: default-safe
PS C:\Prod> ↑ pasted from AI assistant
PS C:\Prod> Remove-Item C:\Prod\* -Recurse -Force
BLOCK destructive-delete-guardrail • execution halted
⚠ Command stopped before execution. Logged.
PS C:\Prod> tg selftest
All checks passed ✓
Windows only | PowerShell 7+ (pwsh) required | Local-first enforcement — no cloud dependency | One-time payment — no subscription | Delivered via Gumroad

What happens with one wrong command?

PowerShell is powerful by design. That's the problem. A single command can wipe directories, overwrite configs, or expose credentials — and undo is not always an option.

Destructive delete

Remove-Item C:\Prod\* -Recurse -Force — a single paste from an AI assistant, a tab-complete gone wrong, or a script targeting the wrong path. Gone.

Copy-paste from the browser

You copy a command from Stack Overflow or a blog post. You don't read the full flags. Or the page was modified. Paste-and-run is one of the most common sources of terminal accidents.

AI-generated commands

ChatGPT and Copilot generate plausible-looking PowerShell. They also hallucinate flags, target wrong paths, and omit safety qualifiers. Running AI output without a guardrail is a production risk.

Disk wipe and volume operations

Format-Volume, Clear-Disk, diskpart. These commands have irreversible effects. When run under automation or elevated sessions, the damage is instant and total.

Credential exposure in logs

Passwords, tokens, and API keys passed inline in commands end up in history files, audit logs, and CI outputs. Without redaction, sensitive data lives in your terminal trail.

Admin mistakes under pressure

Incident response, late-night deployments, rushed rollbacks. When you're moving fast in an elevated session, the probability of a catastrophic command is highest exactly when you can least afford it.

What Terminal Guardian helps stop

Every command is evaluated against your active policy before execution. Not after. Not in a log you review later. Before.

Destructive deletes

Remove-Item with -Recurse -Force, recursive wipes, disk-clearing operations — blocked by default. Your production directories don't get deleted because a policy rule fires before the shell does.

Dangerous copy-paste

Commands pasted from browsers, docs, or chat tools are evaluated the same as any other command. If the pasted content triggers a policy rule, it gets challenged or blocked before execution.

Risky AI-generated commands

You use AI tools to write PowerShell. That's fine. Terminal Guardian acts as the safety layer between what the AI suggested and what your machine actually executes. Run AI output with a guardrail, not on faith.

Costly admin mistakes

Registry edits, service kills, database operations — challenged or blocked depending on your policy. The confirmation step isn't friction. It's the 2-second pause that separates an incident from a near-miss.

How it works

Terminal Guardian hooks into your PowerShell session and intercepts every command before execution. No ML. No heuristics. Rules-based policy that returns one of four deterministic outcomes.

ALLOW

Command clears policy.

Execution proceeds normally. Nothing visible to the user. Zero friction.

WARN

Elevated risk detected.

Execution continues but a visible warning is displayed and logged to the audit trail.

CHALLENGE

Confirmation required.

Execution pauses. Explicit confirmation needed. Outcome is logged either way.

BLOCK

Command halted.

Execution stopped. Policy rule name and actor logged to audit trail. Nothing runs.

Policy + Audit in one view

Active policy packs define what gets blocked, challenged, or allowed. Every event — with redacted secrets — is captured in a searchable audit trail. SHA-256 integrity verification confirms your policy hasn't been tampered with.

  • SHA-256 policy manifest integrity verification
  • Secret redaction on all log output
  • Destructive command guardrails active by default
  • Dry-run mode to preview policy outcome before execution
  • Full governance trail for incident forensics
Policy + Audit Overview

Active Policy Pack

– destructive-delete-guardrail
– diskwipe-protection
– prod-database-guard
– challenge-threshold-high

✓ SHA-256 manifest verified

Recent Audit Events

BLOCK  Remove-Item -Recurse -Force C:\Prod\*
Policy: destructive-delete-guardrail • Actor: build-agent-04
Redaction: token=[REDACTED]  key=[REDACTED]
CHALLENGE  Set-ItemProperty HKLM:\...
Outcome: confirm-once accepted • Session: 03f0a8
ALLOW  Get-ChildItem C:\Services\*
Risk score: low • Policy branch: default-safe

Compliance Summary

– Full event trail retained

– Secret redaction enabled

– Enforcement mode: strict

See the block in action

Watch Terminal Guardian intercept a destructive command in real time — before a single file is touched.

Why you can trust it

A safety tool has to be trustworthy by design. Here is what Terminal Guardian is — and what it explicitly is not.

Local-first

Core enforcement runs entirely on your machine. No behavioral telemetry is sent anywhere. No cloud dependency for enforcement to function.

Deterministic

No machine learning. No scoring that shifts over time. The same command against the same policy produces the same outcome. Always.

Auditable

Every command evaluation is logged — outcome, policy rule, actor, redacted secrets. You can answer "what ran, when, under which policy, with what result" after any incident.

Honest scope

It governs the PowerShell session it is loaded into. It is not antivirus, not EDR, not a backup system. It does exactly what it claims — no more.

Scope note — read this

Terminal Guardian is a guardrail, not a vault.

It governs the PowerShell workflow it is loaded into. It is not antivirus, EDR, or a replacement for backups, endpoint controls, or change-review process. It does not protect other shells, WSL, or non-PowerShell processes. If you need one of those things, this is not that product.

Full trust model and non-scope →

Who uses Terminal Guardian

If you run PowerShell on Windows and mistakes have consequences, this is built for you.

Individual user

PowerShell developers

You write scripts daily. You work in production directories. You use AI tools to generate commands faster. One mistake at the wrong time costs hours of recovery work — or worse.

Operations

IT admins

You manage multiple machines and need consistent, enforceable behavior. You want a policy layer that documents what happened during every admin session — without standing over every user.

Infrastructure

DevOps & infra engineers

You work with production environments. Elevated sessions, build agents, rollback scripts. The cost of a wrong command is a P1 incident. A guardrail running in the session before execution is exactly the right tool.

Security

Security-conscious teams

You need an audit trail. You need policy enforcement. You need to be able to show, after an incident, exactly what commands ran and what was blocked. Terminal Guardian gives you that for the PowerShell layer.

AI-assisted workflows

AI command users

You use ChatGPT, Copilot, or Claude to generate PowerShell. That's now normal. Terminal Guardian is the safety layer between what the AI suggests and what your machine executes. Use AI — just don't run it blind.

Service providers

MSP owners

You run PowerShell scripts across client machines. One technician running the wrong script on the wrong client environment is a liability. Policy enforcement and audit trails belong in your stack. Ask about team and MSP options →

Setup in under 2 minutes

Download from Gumroad, run one script, open a new pwsh window. Done.

  1. 1

    Buy and download the ZIP from Gumroad.

    One-time purchase. No GitHub account required.

  2. 2

    Extract the ZIP to any folder.

  3. 3

    Run setup.cmd and close all PowerShell windows.

  4. 4

    Open a new pwsh window and run:

    tg selftest

    All checks passing = clean install, enforcement active.

Requires: Windows Requires: PowerShell 7+ (pwsh) Not supported: Windows PowerShell 5.1

Simple, one-time pricing

No subscription. No renewal. Pay once, own it.

The math is straightforward.

A single production recovery incident — restoring deleted files, rolling back a bad script, tracing what ran — typically costs 4–8 hours of engineering time. At an average loaded rate, that's $600–$2,000 per incident. Terminal Guardian Personal is $49, once. The first blocked command pays for it.

Personal

$49

one-time • 1 machine

  • Full policy engine
  • Default policy packs
  • Audit trail
  • Local-first enforcement
  • tg selftest validation
Buy Personal
Most Popular

Pro

$149

one-time • up to 3 machines

  • Everything in Personal
  • Custom policy packs
  • Log export tools
  • Zero-trust policy template
  • Priority email support
Buy Pro

Team

$499

one-time • up to 25 seats

  • Everything in Pro
  • Team policy management
  • Centralized audit review
  • Deployment guidance
  • Coming soon
Join Waitlist

MSP / Enterprise

Custom

volume • contact us

  • Unlimited seat licensing
  • Custom policy engineering
  • Dedicated support
  • Volume pricing
  • SLA options
Contact Us

All tiers: Windows only • PowerShell 7+ only • One-time payment • No subscription

Frequently asked questions

No. Terminal Guardian requires PowerShell 7+ (pwsh). It does not support Windows PowerShell 5.1. If your environment runs only 5.1, you need to upgrade to pwsh first.

No. Terminal Guardian is a command guardrail. It evaluates PowerShell commands before execution based on policy rules. It does not scan files, monitor processes, detect malware, or replace endpoint security tools. Use it alongside your existing security stack — it handles the PowerShell execution layer specifically.

Core enforcement is entirely local. No commands or audit data are sent to external servers during normal operation. The tg selftest command performs a cloud-verified integrity check to validate the install — that is the only network call, and it is optional. You can see the full trust model at trust-model.html.

Terminal Guardian governs the PowerShell session it is loaded into. If someone opens a new PowerShell session outside your profile, or uses another shell entirely (cmd, bash, WSL), enforcement does not apply. It is a guardrail for deliberate workflows — not a hard security boundary for a hostile actor with local access. We say this clearly because honesty about scope is part of the trust model.

Yes. Terminal Guardian intercepts every command in the session regardless of source — typed by hand, pasted from a browser, or generated by an AI tool. If you paste a ChatGPT-generated command that matches a block rule, it is blocked. The source of the command is irrelevant to the policy engine.

Not currently. Gumroad provides a refund window if you purchase and find it is not what you expected. Contact [email protected] with any pre-purchase questions.

No. Terminal Guardian is Windows-only in its current release. If you are interested in macOS or Linux support, use the form below to register interest — that helps determine priority for future platform expansion.

More questions? See the full FAQ →

Stop the next bad command before it runs.

Available now on Gumroad. One-time purchase. Download, run tg selftest, and enforcement is active.

Get Terminal Guardian — $49 Trust Model

v2.3.3 • Windows • PowerShell 7+ only • No subscription

Not on Windows? Interested in team licensing?

Leave your email and we'll notify you when Linux support or team features ship. No spam. Unsubscribe anytime.