Skip to content

cli

Directory actions

More options

Directory actions

More options

Latest commit

 

History

History

cli

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
src
src
 
 
tests
tests
 
 
README.md
README.md
 
 
package.json
package.json
 
 
tsconfig.json
tsconfig.json
 
 
vitest.config.ts
vitest.config.ts
 
 

README.md

@kill-switch/cli

Stop runaway cloud bills from the terminal. Monitor Cloudflare, GCP, and AWS spending with automatic kill switches that shut down services before they drain your account.

Born from a $91K Cloudflare bill.

Install

npm install -g @kill-switch/cli

This gives you two commands: kill-switch and ks (short alias).

Quick Start

# 1. Get an API key from https://app.kill-switch.net (Settings > API Keys)
ks auth login --api-key ks_live_your_key_here

# 2. Connect your cloud provider and apply protection
ks onboard --provider cloudflare \
  --account-id YOUR_ACCOUNT_ID \
  --token YOUR_API_TOKEN \
  --name "Production" \
  --shields cost-runaway,ddos

# 3. Check your accounts
ks check

One-Command Setup

The onboard command connects a provider, applies shield presets, and configures alerts in one step:

# Cloudflare
ks onboard --provider cloudflare \
  --account-id YOUR_CF_ACCOUNT_ID \
  --token YOUR_CF_API_TOKEN \
  --name "Production" \
  --shields cost-runaway,ddos \
  --alert-pagerduty YOUR_ROUTING_KEY

# AWS
ks onboard --provider aws \
  --access-key AKIA... \
  --secret-key wJalr... \
  --region us-east-1 \
  --shields aws-cost-runaway,gpu-runaway

# GCP
ks onboard --provider gcp \
  --project-id my-project-123 \
  --service-account "$(cat key.json)" \
  --shields cost-runaway

# Interactive mode (prompts for everything)
ks onboard

Don't know where to find your credentials? Run:

ks onboard --help-provider cloudflare
ks onboard --help-provider aws
ks onboard --help-provider gcp

Shields (Quick Protect)

Apply preset protection rules with one command:

ks shield cost-runaway        # Kill services exceeding daily cost limit
ks shield ddos                # Kill services getting excessive requests
ks shield gpu-runaway         # Stop unexpected GPU instances
ks shield lambda-loop         # Throttle recursive Lambda invocations
ks shield aws-cost-runaway    # Emergency stop on AWS daily spend spike
ks shield brute-force         # Rotate creds on mass auth failures
ks shield exfiltration        # Isolate on unusual egress
ks shield error-storm         # Scale down on sustained high error rate

# List all shields
ks shield --list

Alert Channels

# List configured channels
ks alerts list

# Add PagerDuty (recommended — get routing key from PagerDuty > Service > Integrations)
ks alerts add --type pagerduty --routing-key YOUR_ROUTING_KEY

# Add Slack
ks alerts add --type slack --webhook-url https://hooks.slack.com/...

# Add Discord
ks alerts add --type discord --webhook-url https://discord.com/api/webhooks/...

# Add GitHub AI remediation (triggers Claude Code to open a fix PR on extreme violations)
ks alerts add --type github \
  --token ghp_YOUR_PAT \
  --repo-owner YOUR_ORG \
  --repo-name YOUR_REPO \
  --workflow kill-switch-remediate.yml \
  --branch main

# Add email or generic webhook
ks alerts add --type email --email you@example.com
ks alerts add --type webhook --webhook-url https://your-service.example.com/webhook

# Remove a channel by name
ks alerts remove "PagerDuty"

# Send a test alert to all channels
ks alerts test

Commands

Command Description
ks onboard One-command setup: connect + shields + alerts
ks auth login Authenticate with API key
ks auth status Show auth status
ks status Dashboard: accounts, alerts, 30-day spend summary
ks accounts list List connected cloud accounts
ks accounts add Connect a cloud provider
ks accounts check <id> Run manual check on an account
ks check Check all accounts (shows violations with multiplier column e.g. 60x)
ks shield <preset> Apply a protection preset
ks rules list List active rules
ks alerts list List alert channels
ks alerts add Add an alert channel
ks alerts remove <name> Remove an alert channel by name
ks alerts test Send a test alert to all channels
ks analytics Cost analytics: spend summary, 7-day table, per-account breakdown
ks config list Show configuration

AI Agent Usage

The CLI is designed for AI coding agents (Claude Code, Cursor, Windsurf) to set up cloud monitoring on behalf of users without interactive prompts.

# Set API key via env var
export KILL_SWITCH_API_KEY=ks_live_your_key

# Non-interactive setup with JSON output
ks onboard \
  --provider cloudflare \
  --account-id CF_ACCOUNT_ID \
  --token CF_API_TOKEN \
  --name "Production" \
  --shields cost-runaway,ddos \
  --alert-pagerduty KEY \
  --json

# Add PagerDuty alerts
ks alerts add --type pagerduty --routing-key KEY --json

# Full status dashboard
ks status --json

# All commands support --json for machine-readable output
ks accounts list --json
ks check --json
ks analytics --json

CLAUDE.md Integration

Add this to your project's CLAUDE.md so your AI agent knows how to manage Kill Switch:

## Kill Switch (Cloud Cost Protection)
- CLI: `ks` (alias for `kill-switch`)
- Auth: KILL_SWITCH_API_KEY env var or `ks auth login --api-key KEY`
- Setup: `ks onboard --provider cloudflare --account-id ID --token TOKEN`
- Check: `ks check --json`
- Docs: `ks onboard --help-provider cloudflare`

Authentication

The CLI uses personal API keys (prefixed with ks_live_). Create one from app.kill-switch.net under Settings > API Keys.

Auth resolution order:

  1. KILL_SWITCH_API_KEY environment variable (best for CI/CD and AI agents)
  2. --api-key flag on any command
  3. ~/.kill-switch/config.json (set by ks auth login)

Global Options

Flag Description
--json Output raw JSON (for automation/scripting/AI agents)
--api-key <key> Override API key for this command
--api-url <url> Override API URL
-V, --version Show version
-h, --help Show help

Exit Codes

Code Meaning
0 Success
1 Client error (bad arguments, API error)
2 Authentication error (invalid/missing API key)

Links

License

MIT