// Simultaneous Launch Button - Two-person rule for destructive commands. Use when coordinating dangerous operations between agents, requiring peer review for rm -rf, git push --force, kubectl delete, DROP TABLE, or terraform destroy.
| name | slb |
| description | Simultaneous Launch Button - Two-person rule for destructive commands. Use when coordinating dangerous operations between agents, requiring peer review for rm -rf, git push --force, kubectl delete, DROP TABLE, or terraform destroy. |
Core Capability: Two-person rule for running potentially destructive commands from AI coding agents. When an agent wants to run something risky, SLB requires peer review and explicit approval before execution.
Coding agents can get tunnel vision, hallucinate, or misunderstand context. A second reviewer (ideally with a different model/tooling) catches mistakes before they become irreversible.
Critical: Commands run in YOUR shell environment, not on a server. The daemon is a NOTARY (verifies approvals), not an executor.
# Install
curl -fsSL https://raw.githubusercontent.com/Dicklesworthstone/slb/main/scripts/install.sh | bash
# Initialize project
cd /path/to/project
slb init
# Start session
slb session start --agent "GreenLake" --program "claude-code" --model "opus"
# 1. Run a dangerous command (blocks until approved)
slb run "rm -rf ./build" --reason "Clean build artifacts" --session-id <id>
# 2. Another agent reviews and approves
slb pending # See what's waiting
slb review <request-id> # View full details
slb approve <request-id> --session-id <reviewer-id> --comment "Looks safe"
# 3. Original command executes automatically after approval
| Tier | Approvals | Auto-approve | Examples |
|---|---|---|---|
| CRITICAL | 2+ | Never | rm -rf /, DROP DATABASE, terraform destroy, git push --force |
| DANGEROUS | 1 | Never | rm -rf ./build, git reset --hard, kubectl delete, DROP TABLE |
| CAUTION | 0 | After 30s | rm file.txt, git branch -d, npm uninstall |
| SAFE | 0 | Immediately | rm *.log, git stash, kubectl delete pod |
| Category | Command | Description |
|---|---|---|
| Session | slb session start --agent <name> | Start agent session |
| Session | slb session list | Show active sessions |
| Request | slb run "<cmd>" --reason "..." | Run dangerous command |
| Review | slb pending | List pending requests |
| Review | slb approve <id> --session-id <id> | Approve request |
| Review | slb reject <id> --reason "..." | Reject request |
| Hook | slb hook install | Install Claude Code hook |
| Pattern | slb patterns test "<cmd>" | Check command tier |
# Install hook
slb hook install
# Hook actions:
# - allow: Command proceeds (SAFE tier)
# - ask: User prompted (CAUTION tier)
# - block: Blocked, must use `slb request` (DANGEROUS/CRITICAL tier)
| Gate | Check |
|---|---|
| 1. Status | Request must be APPROVED |
| 2. Expiry | Approval TTL must not have elapsed |
| 3. Hash | SHA-256 hash must match (tamper detection) |
| 4. Tier | Risk tier must still match |
| 5. First-Executor | Atomic claim prevents race conditions |
For true emergencies, humans can bypass with extensive logging:
slb emergency-execute "rm -rf /tmp/broken" --reason "System emergency"
| Topic | Reference |
|---|---|
| Full command reference | COMMANDS.md |
| Pattern matching & tiers | PATTERNS.md |
| Configuration | CONFIG.md |
| Security design | SECURITY.md |