Cross-platform command enhancer for humans. Replace long, repetitive terminal syntax with short, intuitive commands. Works on Linux, Windows PowerShell, and WSL β safe, rollback-ready, and open source.
π§ New in v1.1.6: Bug Fix Release! Fixed critical argument passing bug and command chaining password bypass. Commands like
sudo apt updatenow work correctly.
π v1.1.5: Advanced Security Release! Internal flag protection, atomic shell writes, path diagnostics, threat model documentation, and automated dependency scanning. See Security Report
π‘οΈ v1.1.4: Security Hardening Release! 0 HIGH vulnerabilities, comprehensive security audit, automated scanning, and professional security documentation.
β οΈ Important: CCMD is a powerful tool that sits between your shell and you. Like electricity or any powerful tool, it can be dangerous if used wrongly. Please read the Security Policy and Threat Model before using CCMD. Use carefully, cautiously, and responsibly.
π Version Notice: We strongly recommend using v1.1.5 or later. This version includes critical security enhancements and passes all automated security scans with comprehensive threat model documentation. Upgrade now β it's safe, fast, and backward compatible!
CCMD is an open-source project developed by De Catalyst (Wisyle).
It lets you define simple, natural shortcuts for everyday shell operations β no more typing endless flags or remembering weird syntax.
Instead of typing:
cd ~/Downloads
git add .
git commit -m "update"
git pushYou can just write:
go downloads
pushCCMD handles the rest. It safely installs into your shell profile, manages custom commands through YAML, and supports plugins, system monitoring, and SSH management.
- π Internal Flag Protection β
--exechidden from help, environment-gated for internal use only - βοΈ Atomic Shell Config Writes β Prevents corruption with temp file + atomic rename pattern
- π©Ί Path Diagnostics Command β
--check-pathsvalidates installation, environment, and backups - π‘οΈ Threat Model Documentation β Complete attack scenarios, mitigations, and security boundaries (THREAT_MODEL.md)
- π Recovery Guide β Emergency procedures for all failure scenarios (RECOVERY.md)
- π¦ Dependabot Integration β Weekly automated dependency vulnerability scanning
- π Enhanced CI Scanning β Safety dependency scanner added to security workflow
- π Security Metrics β 0 HIGH severity issues maintained, all 7 audit items addressed
Security Achievement: Comprehensive threat model, automated scanning, and emergency recovery procedures!
- π‘οΈ Tarfile Path Traversal Fixed β Prevents malicious archives from writing outside target directory (CVE-2007-4559)
- π URL Scheme Validation β Restricts all URL operations to HTTPS only, prevents downgrade attacks
- π¦ Dependency Security β GitPython pinned to v3.1.43, eliminates 6 known vulnerabilities
- π€ Automated Security Scanning β Bandit and Safety integrated with GitHub Actions
- π Security Policy β Professional vulnerability reporting process (48-hour response time)
- π Security Metrics β 0 HIGH severity issues, all dependencies secured
- π Security Changelog β Complete audit trail of all security improvements
- βοΈ CodeQL Analysis β Semantic code analysis detects vulnerabilities automatically
- π§ Fixed Directory Persistence β Chained commands now correctly persist directory changes
- β±οΈ Fixed Interactive Timeouts β Interactive commands like
claudeno longer timeout - π¦ Fixed Pip Install Warnings β Automatic handling of externally-managed Python environments
- β Enhanced Navigation β Support for custom project directory paths in
gocommand - π― 180s Timeout for Non-Interactive β Non-interactive commands timeout after 3 minutes (prevents hangs)
- π Command Chaining β Chain commands with
>>>operator:go downloads >>> ls >>> echo "done" - π Command Composability β CCMD commands can call other CCMD commands
- π― Smart Directory Chaining β Directory changes persist through command chains
- π‘οΈ Enhanced Security β Context-aware validation, expanded pattern detection (40+ patterns)
- π Process Management β
kapkills all processes (with confirmation),kpkills by name - π bcrypt Fallback β PBKDF2-HMAC-SHA256 fallback if bcrypt unavailable
- π Type Enforcement β Custom commands cannot abuse privileged types
Example: ccmd add β name: devwork β command: go projects >>> ls >>> echo "Ready to code!"
- π Master Password System β Protect sensitive commands with bcrypt-hashed passwords
- π‘οΈ Command Injection Prevention β Automatic blocking of dangerous command patterns
- π SSH Key Validation β Verify key permissions (0600) before use
- π Sensitive Command Detection β Auto-detect and protect sudo, ssh, AWS commands
- π Atomic File Operations β Safe, corruption-proof file writes
- π― Intelligent Auto-Locator β No more path issues, works anywhere
- π Audit Logging β Track all authentication attempts
- β‘ Security Cache β 5-minute authentication window for convenience
New Commands: init, debug, sudo, change-password, reset-password, kap, kp
- β¨ Custom Commands β Create your own commands with
add, manage withremove - π Instant Reload β
reloadcommand updates config without manual reinstall - π― Interactive Push β Full git workflow with file selection and auto-commit messages
- π Command Manager β Enable/disable commands with
list - π‘οΈ Graceful Cancellation β Press Ctrl+C anytime without ugly errors
- π Better Windows Support β Fully tested on PowerShell with proper encoding
- Cross-Platform Support β Linux, WSL, Windows PowerShell (macOS code exists but untested*)
- Natural Commands β No prefixes; just type
go,push,cpu, etc. - Smart Directory Navigation β Search and jump to directories anywhere
- Auto Git Integration β Interactive add, commit, and push workflow
- System Insights β Monitor CPU, memory, and processes
- Safe Rollback β Backs up your shell configuration before any changes
- Persistent Customization β Your custom commands survive CCMD updates
- Password Protection β Mark custom commands as requiring authentication
*macOS users: We need your feedback! Please test and report issues.
For detailed guides and technical documentation, see:
- π Security Policy β READ THIS FIRST! Vulnerability reporting and security measures
- π Security Changelog β Complete audit trail of security improvements
- π€ Claude AI Security Audit β Professional AI security scan (Score: 7.8/10 - GOOD)
- π‘οΈ Threat Model β Complete attack scenarios and mitigations
- π Recovery Guide β Emergency recovery procedures for all platforms
- π Release Notes v1.1.4 β Latest security hardening release
- π Release Notes v1.1.3 β Bug fixes and improvements
- Features β Complete feature list including security features
- Installation Guide β Step-by-step installation for all platforms
- Usage Guide β Complete command reference and usage examples
- Configuration Guide β Customize and create your own commands
- Troubleshooting β Common issues and solutions
- Architecture β Technical architecture and development guide
ccmd/
βββ cli/
β βββ main.py # CLI entrypoint
β βββ install.py # Installation and PATH setup
β βββ editor.py # Interactive command editor
β βββ ssh_manager.py # Manage SSH aliases and keys
βββ core/
β βββ parser.py # Parse and map custom commands
β βββ executor.py # Execute commands securely
β βββ registry.py # Manage alias storage
β βββ rollback.py # Backup & restore shell configs
β βββ system_check.py # Detect OS and compatibility
βββ commands.yaml # Default command definitions
βββ run.py # Master entrypoint
βββ setup.sh # Unix installer
βββ setup.ps1 # Windows installer
βββ LICENSE
βββ README.md
- Python 3.7+
- pip (usually included with Python)
The easiest way to install CCMD:
pip install ccmdThat's it! CCMD is now available as the ccmd command globally.
Test installation:
ccmd --version
ccmd --listNote: PyPI installation provides the CCMD package but you may still need to run shell integration for full functionality:
ccmd --install # Sets up shell integration (one-time setup)For users who want the latest development version or want to contribute:
# Clone the repository (ccmd branch)
git clone -b ccmd https://github.com/Wisyle/ccmd.git
cd ccmd
# Run the installer for your platform
# Linux/macOS/WSL:
bash setup.sh
# Windows PowerShell:
.\setup.ps1
# Reload your shell
source ~/.bashrc # or ~/.zshrc for Zsh, or restart terminalIf you don't have pip or git access:
-
Download the latest release:
- Visit: https://github.com/Wisyle/ccmd/releases/latest
- Download Source code (zip) under Assets
- Or direct download: https://github.com/Wisyle/ccmd/archive/refs/tags/v1.1.4.zip
-
Extract and install:
# Linux/macOS/WSL: cd /path/to/ccmd bash setup.sh source ~/.bashrc # Windows PowerShell: cd C:\path\to\ccmd .\setup.ps1 . $PROFILE
After installation, test that CCMD is working:
# Check system status
ccmd --check
# List available commands
ccmd --list
# Test a command
go homeIf installed via PyPI (recommended):
pip install --upgrade ccmdIf installed via Git:
cd /path/to/ccmd
git pull origin ccmd
python3 run.py --installIf installed via ZIP:
- Download the latest version from PyPI:
pip install --upgrade ccmd - Or download latest ZIP and reinstall
If installed via PyPI:
pip uninstall ccmd
ccmd --restore # Optional: restore shell configIf installed via Git/ZIP:
python3 run.py --restore # Removes shell integration| Command | Description | Example |
|---|---|---|
go <dir> |
Navigate to directory or search | go downloads |
| Command | Description | Notes |
|---|---|---|
push |
Interactive git add, commit, and push | Auto-generates commit messages π |
| Command | Description | Platform Support |
|---|---|---|
cpu |
Show CPU usage | Linux, macOS, Windows |
mem |
Show memory usage | Linux, macOS, Windows |
proc |
List running processes | Linux, macOS, Windows |
kap |
Kill process by PID | Linux, macOS, Windows |
| Command | Description | Notes |
|---|---|---|
add |
Create a custom command | Interactive prompts |
remove |
Delete a custom command | Shows list to select from |
list |
Manage commands (enable/disable) | Toggle commands on/off |
| Command | Description | Notes |
|---|---|---|
reload |
Reload config and update shell π | No manual reinstall needed |
update |
Update CCMD from GitHub | Downloads latest version |
version |
Show current and latest version | Checks GitHub releases |
restore |
Restore shell config from backup | Rollback changes |
uninstall |
Remove CCMD completely | Cleans everything |
hi |
Show system dashboard | System overview |
CCMD default commands are defined in $CCMD_HOME/commands.yaml. These are managed by CCMD and updated when you upgrade.
Your custom commands are stored separately in:
~/.ccmd/custom_commands.yaml
Why separate? Your custom commands survive CCMD updates and never get overwritten.
Create custom commands:
add # Interactive command creationRemove custom commands:
remove # Interactive command removalReload after manual edits:
reload # Reloads config and updates shellEach command follows this format:
mycommand:
description: "What this command does"
action: "the shell command to execute"
type: custom
interactive: false # Set to true for commands needing user inputCCMD has been professionally audited using both Bandit static analysis and Claude AI security scanning. See SECURITY_AUDIT_CLAUDE.md for the complete AI security audit report.
Scan Results:
- β 0 HIGH severity issues (Bandit)
- β 0 critical vulnerabilities (Claude AI)
- β All dependencies secured (Safety + Dependabot)
- β Comprehensive threat model documented
CCMD beats oh-my-zsh and bash-it in ALL security categories:
| Security Feature | CCMD | oh-my-zsh | bash-it | Verdict |
|---|---|---|---|---|
| Command Injection Protection | β Strong (40+ patterns) | CCMD Best | ||
| Password Protection | β Yes (bcrypt) | β No | β No | CCMD Best |
| Atomic Shell Writes | β Yes (v1.1.5) | β No | β No | CCMD Best |
| Backup/Restore | β Built-in | CCMD Best | ||
| Security Documentation | β Comprehensive | CCMD Best | ||
| Dependency Scanning | β Automated (CI/CD) | β No | β No | CCMD Best |
| Cross-Platform Support | β Win/Linux/Mac | β Unix only | β Unix only | CCMD Best |
| Threat Model | β Documented | β No | β No | CCMD Best |
- β Backups created automatically before modifying any shell files
- β
Rollback available anytime with
--restore - β SSH keys are never stored or transmitted
- β
Safe execution via subprocess calls, never
eval - β Command validation with 40+ dangerous pattern detection
- β Master password protection for sensitive commands
- β Atomic writes prevent shell config corruption
- β Automated scanning with Bandit, Safety, and CodeQL
Before global install, run:
python run.py --testThis simulates:
- Shell detection and rc edits
- Git and system command execution
- Rollback and uninstall checks
# Navigate fast
go downloads
# Push Git changes instantly
push
# Check system load
cpu
# Connect to your default server
sshContributions are welcome!
Fork the repo, create a branch, make your edits, and open a pull request.
A contribution guide will soon be added in /docs/CONTRIBUTING.md.
Released under the MIT License. Free to use, modify, and distribute.
De Catalyst GitHub: @Wisyle Email: Robert5560newton@gmail.com X (Twitter): @iamdecatalyst Instagram: @iamdecatalyst Telegram: @iamdecatalyst
For bug reports, updates, or collaboration inquiries, feel free to reach out.
βStop remembering commands. Start commanding naturally.β