Role-based access control
Assign varying command permissions to different users based on role.
Conclusion & Future Work
ShellSentry demonstrates a practical, security-aware path to AI-assisted Linux operations: beyond translating natural language, the architecture delivers host-aware generation, auditable multi-host execution, governed script reuse, and bounded cron automation while remaining honest about lab scope and residual LLM risk.
Future enhancements
Additional roadmap items include improved script integrity checks with hashing or signatures, wider input language support, more sophisticated RAG knowledge bases, automation target support, and production deployment features such as TLS, secret management, and more stringent policy profiles.
Human-in-the-loop approval
Require explicit approval for sensitive or state-changing commands before execution.
Dry-run simulation
Preview how commands would affect systems before they run for real.
Immutable logs & SIEM
Strengthen audit trails with tamper-evident logging and SIEM integration.
Script integrity checks
Verify archived scripts using hashing or digital signatures before reuse.
Wider language support
Accept operator requests in additional natural languages beyond the current scope.
Advanced RAG knowledge bases
Expand trusted example retrieval with richer, domain-specific command libraries.
Automation target support
Extend orchestration to broader automation targets beyond current SSH hosts.
Production deployment
Adopt TLS, hardened secret management, and stricter policy profiles for live use.