0009576: Proposal: BashBard - safety-first AI terminal to strengthen KLC (PEN-103) practice and Linux fluency - Kali Linux Bug Tracker

ID	Project	Category	View Status	Date Submitted	Last Update

0009576	Kali Linux	New Tool Requests	public	2026-02-28 12:07	2026-02-28 12:07

Reporter	Khafagy	Assigned To
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	new	Resolution	open

Summary	0009576: Proposal: BashBard - safety-first AI terminal to strengthen KLC (PEN-103) practice and Linux fluency
Description	Hello OffSec Team, I’m Ali Khafagy. I’m reaching out to share an open-source project I built called BashBard (Apache 2.0): an AI-native, safety-first terminal wrapper designed specifically to help learners build real Linux/Kali command-line skill through practice without turning the terminal into a chatbot. What it is (and what it isn’t): BashBard runs a real shell via PTY (so normal terminal behavior remains intact), but adds an assist + guardrail layer before commands execute. It is not intended to “do the work for the learner”; it’s designed to keep learners inside the terminal and turn errors into learning. Why it complements KLC / PEN-103 learning goals: KLC is fundamentally about becoming fluent and confident in Kali/Linux workflows. BashBard supports that by: Intent → command translation (including Multi-lang), so a beginner can express a goal and see a correct CLI command they can study, modify, and learn from. Error-driven learning via a repair loop: when a command fails (typo, wrong usage), BashBard proposes a corrected command with a short explanation to reinforce understanding. Safe experimentation through dry-run and confirmation gates, which reduces fear of breaking systems and encourages more hands-on practice (the fastest path to mastery). Native terminal experience (PTY integration), so learners still develop real muscle memory with tools and workflows rather than learning a separate “AI interface.” Safety and responsible use (key for OffSec): BashBard is intentionally conservative: It performs pre-execution safety scanning and blocks well-known destructive patterns. It uses a sudo allowlist model (and blocks risky sudo use by default). It supports dry-run mode for preview-only learning. The project is community-built and clearly positioned as not affiliated with OffSec unless you choose to mention it as a community resource. What I’m asking: If you’re open to it, I’d appreciate (1) feedback from the right person on your team regarding educational fit + safety expectations, and (2) guidance on whether it’s appropriate to share as an optional community companion for KLC learners (e.g., community spotlight/resource list) with clear disclaimers. I can provide a short demo video and a one-page mapping of KLC topics (navigation, permissions, processes, networking, services, package management) → BashBard practice prompts and examples. Repo: https://github.com/5afagy/BashBard Docs: https://github.com/5afagy/BashBard/wiki Demo: https://drive.google.com/file/d/18YjwDTciNKpawu0_XCeNKLoktfdr-Wnj/view?usp=sharing Thank you for your time and consideration. Best regards, Ali Khafagy [email protected]
Attached Files	image.png (29,022 bytes) image.png (29,022 bytes)

Date Modified	Username	Field	Change
2026-02-28 12:07	Khafagy	New Issue
2026-02-28 12:07	Khafagy	File Added: image.png