🔧 archetype: cli-tool

Build a CLI that doesn't ship a footgun.

Building with Node CLI, Python click, Rust clap, or Go cobra? GreatCTO auto-detects the cli-tool archetype and ships shell-injection prevention, --help conventions, dangerous-default detection, and cross-platform path handling gates from day one.

What you avoid

The 5 CLI bugs that burn user trust.

Without GreatCTO

  • Shell injection via user input passed to exec()
  • Dangerous default — rm -rf without confirmation
  • No --help · no --version · no exit codes
  • Crashes on Windows because of POSIX path assumptions
  • Logs secrets when --verbose is on
  • 1 GitHub issue · trust gone · uninstalled.

With GreatCTO

  • No shell — execFile with argv array, never spawn('sh')
  • Destructive ops require --yes or interactive confirm
  • Standard --help / --version / proper exit codes
  • Cross-platform path handling (path.join, no hard-coded /)
  • Secret redaction in logs at gate:ship
  • Reliable · predictable · trustworthy.

Auto-applied gates

Detected: commander + execa
cli-tool archetype.

No regulatory compliance — but TDD, 12-angle review, security audit, and supply-chain hardening still apply:

01 · security-officer

Shell-injection prevention

Every exec(), spawn(), system() call audited. argv arrays only. No shell metacharacter passthrough.

02 · code-reviewer

CLI UX conventions

--help format · exit codes · stdin/stdout/stderr separation · --json output mode · NO_COLOR / FORCE_COLOR respect.

03 · qa-engineer

Cross-platform tests

Linux + macOS + Windows matrix · Node 18 / 20 / 22 · Python 3.10 / 3.11 / 3.12 · proper EOL handling.

04 · senior-dev

TDD with snapshots

Snapshot tests on stdout/stderr · golden output files · regression-proof.

30 seconds

Drop into any Node / Python / Rust / Go CLI repo.

$ npx great-cto init
no signup · runs locally · pay your own API