CLI Tools · May 12, 2026 · 2 min read

Tirith — Terminal Security for AI Agents

Tirith flags risky terminal commands for developers and AI agents—pipe-to-shell, ANSI injection, homograph URLs, and data exfiltration—before execution.

Agent ready

This asset can be read and installed directly by agents

TokRepo exposes a universal CLI command, an install contract, JSON metadata, a target-specific plan and raw content so that agents can assess compatibility, risk and next steps.

Needs Confirmation · 62/100 · Policy: confirm
Target: Claude Code
Type: Cli
Install: Single
Trust: Established
Entry: README.md
Universal CLI command: npx tokrepo install b64aa0f0-2f92-4b9a-9b52-8cc0c6a5c8b3

Introduction

  • Best for: teams running agent-driven shell commands who need guardrails against copy-paste supply-chain tricks
  • Works with: macOS/Linux/Windows installs, YAML policy files, shell hooks, optional MCP server mode and setup guides for popular AI CLIs
  • Setup time: 10–20 minutes

Practical Notes

  • README documents policy init/validate/test commands and a strictness model (paranoia 1–4).
  • Install options include Homebrew, npm, Cargo, and OS packages; policy discovery looks for .tirith/policy.yaml.

Where It Fits in an Agent Workflow

If you let an agent propose commands, Tirith can sit in front of execution:

  • Use policy tests during planning to catch “curl | bash” and similar source-to-sink flows early.
  • Keep a small allowlist (domains you trust) and blocklist (known bad) as code in your repo.
  • In CI, apply a stricter scan profile (README shows scan profiles under policy) for configs like .claude/*, mcp.json, and other agent-control files.

Practical “Do This, Not That”

  • Prefer pinned installs over curl | bash whenever possible.
  • If you must run a script installer, validate the URL (homograph/invisible unicode is a real class of attacks) and record the checksum or release tag you used.
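
A small pre-execution check in the spirit of the guidance above, as an added example (not Tirith's code or rule set): it flags pipe-to-shell, ANSI escapes, and URL hosts containing non-ASCII, invisible or punycode characters. The allowlist, sample commands and finding labels are constructed for illustration.

```python
import re
import unicodedata

# Constructed allowlist for this example; keep the real one as code in your repo.
TRUSTED_HOSTS = {"github.com", "raw.githubusercontent.com"}

# curl/wget output piped into a shell; "| shasum" must not match.
PIPE_TO_SHELL = re.compile(r"\b(curl|wget)\b[^|;&]*\|\s*(sudo\s+)?(ba|z|da)?sh\b")
# Host part of an http(s) URL, skipping any userinfo@ prefix.
URL_HOST = re.compile(r"https?://(?:[^/\s@]*@)?([^/\s:'\"|;]+)")


def host_findings(host: str) -> list[str]:
    """Return reasons a URL host deserves a second look before use."""
    findings = []
    if any(unicodedata.category(ch) == "Cf" for ch in host):
        findings.append("invisible-unicode")  # zero-width and other format chars
    if any(ord(ch) > 127 for ch in host):
        findings.append("non-ascii-host")  # possible homograph of an ASCII name
    if any(label.startswith("xn--") for label in host.lower().split(".")):
        findings.append("punycode-host")  # IDN already encoded for DNS
    if host.lower() not in TRUSTED_HOSTS:
        findings.append("untrusted-host")
    return findings


def check_command(cmd: str) -> list[str]:
    """Flag pipe-to-shell, terminal escapes and suspicious URL hosts in a command."""
    findings = []
    if "\x1b" in cmd:
        findings.append("ansi-escape")
    if PIPE_TO_SHELL.search(cmd):
        findings.append("pipe-to-shell")
    for host in URL_HOST.findall(cmd):
        findings.extend(f"{tag}:{host}" for tag in host_findings(host))
    return findings


# Constructed sample commands (not taken from Tirith or its README).
SAMPLES = [
    "curl -fsSL https://example.com/install.sh | bash",
    "curl -fsSLO https://g\u0456thub.com/acme/tool/releases/download/v1.0.0/tool.tgz",
    "curl -fsSL https://github.com/acme/tool/archive/v1.0.0.tar.gz | shasum -a 256",
]

if __name__ == "__main__":
    for cmd in SAMPLES:
        print(ascii(cmd), "->", check_command(cmd))
```

The second sample uses a Cyrillic "і" (U+0456) in place of the Latin "i", which renders the same in most terminals; the third is a pinned download piped to a checksum tool and produces no findings.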

FAQ

Q: Does Tirith execute commands for me? A: It can validate and policy-test commands; the goal is to surface risk before you run them.

Q: Where does the policy live? A: The README states it discovers .tirith/policy.yaml in your repo (walking up), or a user config path.

Q: Can I tune strictness? A: Yes—policy parameters include a paranoia level and action overrides for escalation.

Source and Acknowledgments

Source: https://github.com/sheeki03/tirith · License: AGPL-3.0 · GitHub stars: 2,307 · forks: 80