# Tracecat — Agentic Security Automation

> Tracecat is an open-source security automation platform for teams and AI agents, built on Temporal with sandboxed tool runs and a self-hostable UI.

## Quick Use

```bash
git clone https://github.com/TracecatHQ/tracecat.git
cd tracecat
cp .env.example .env

# production-like local stack
docker compose -f docker-compose.local.yml up

# (optional) dev stack
docker compose -f docker-compose.dev.yml up
```

## Intro

Tracecat is an open-source security automation platform for teams and AI agents, built on Temporal with sandboxed tool runs and a self-hostable UI.

- **Best for:** Security engineering, SOC automation, and agent-driven playbooks
- **Works with:** Docker Compose; Temporal; PostgreSQL; integrates with MCP servers (per README)
- **Setup time:** 30–90 minutes

## Practical Notes

- GitHub: 3,598 stars · 359 forks; pushed 2026-05-12 (verified via GitHub API).
- Repo includes `docker-compose.dev.yml` + `docker-compose.local.yml` and a `justfile` wrapper for common workflows.
- Per README: sandboxed-by-default with `nsjail` and durable workflows on Temporal.

## Main

A practical adoption path:

1. **Start with one playbook.** Pick a repeatable task (phishing triage, IOC enrichment, alert dedupe) and model it as a workflow.
2. **Gate “risky tools.”** Put human approval in front of actions that touch production systems or customer data.
3. **Version your scripts.** Use the code-native registry idea: keep custom Python tools in Git and sync them into Tracecat.
4. **Treat MCP servers as dependencies.** Prefer a small, curated set of MCP servers and pin their configs for reproducibility.

If you run this on developer laptops, keep secrets in env vars and rotate them often; for production, use a dedicated environment and audited credentials.

### FAQ

**Q: Do I need Kubernetes?**
A: No. The repo ships multiple Docker Compose files; Kubernetes is optional for production scaling.
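
**Q: Can it run untrusted code safely?**
A: README says it uses `nsjail` sandboxes by default; still treat inputs as untrusted and apply least privilege.

**Q: How do agents interact with it?**
A: Per README: you can build prompt-to-automations from your own agent harness, and tools can integrate with MCP servers.

## Source & Thanks

> Source: https://github.com/TracecatHQ/tracecat
> License: AGPL-3.0
> GitHub stars: 3,598 · forks: 359

---

## Quick Use

```bash
git clone https://github.com/TracecatHQ/tracecat.git
cd tracecat
cp .env.example .env

# production-like local stack
docker compose -f docker-compose.local.yml up

# (optional) dev stack
docker compose -f docker-compose.dev.yml up
```

## Intro

Tracecat is an open-source security automation platform for teams and AI agents: durable workflows built on Temporal, combined with nsjail sandboxed execution and integrated tables/case management, with support for self-hosting via Docker.

- **Best for:** Security engineering / SOC automation / having agents run playbooks
- **Works with:** Docker Compose; Temporal; PostgreSQL; can connect to external MCP servers (see README)
- **Setup time:** 30–90 minutes

## Practical Notes

- GitHub: 3,598 stars · 359 forks; last updated 2026-05-12 (verified via GitHub API).
- The repo includes `docker-compose.dev.yml` / `docker-compose.local.yml` and provides a `justfile` that wraps common commands.
- README: runs in `nsjail` sandboxes by default; workflows use Temporal for durability and retries.

## Main

A more robust rollout path:

1. **Start with one playbook.** Pick a high-frequency task (alert dedupe, IOC enrichment, phishing triage) and build it as a workflow.
2. **Gate "high-risk tools."** Any action that changes production systems or customer data first goes through human review or an approval queue.
3. **Manage scripts as assets.** Keep custom Python tools in Git and sync them into the platform by version.
4. **Treat MCP servers as dependencies.** Connect only a small number of vetted MCP servers, and pin their configs to keep things reproducible.

When trialing on a developer machine, keep secrets in environment variables and rotate them often; for production, use a separate environment with auditable credentials.

### FAQ

**Do I need Kubernetes?**
A: Not necessarily. The repo ships several Docker Compose files; K8s is mostly for production scaling.

**Can it run untrusted code safely?**
A: The README mentions `nsjail` sandboxes by default; still apply least privilege and treat inputs as untrusted.

**How do agents connect?**
A: The README says automations can be built from a custom agent harness, and tools can connect to external MCP servers.

## Source & Thanks

> Source: https://github.com/TracecatHQ/tracecat
> License: AGPL-3.0
> GitHub stars: 3,598 · forks: 359

---

Source: https://tokrepo.com/en/workflows/tracecat-agentic-security-automation

Author: Agent Toolkit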
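
One way to enforce step 4 of the adoption path (pin MCP server configs) without breaking the advice to rotate secrets often. This is an added example, not code from Tracecat or from the original page. The `mcpServers` config layout, the server names, and the package names are assumptions constructed for illustration.

```python
import hashlib
import json

def fingerprint(server: dict) -> str:
    """Hash the reviewed fields of one MCP server entry. Env var names are
    included, values are not: rotating a secret is not drift."""
    reviewed = {"command": server.get("command"),
                "args": server.get("args", []),
                "env_names": sorted(server.get("env", {}))}
    canon = json.dumps(reviewed, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canon.encode("utf-8")).hexdigest()

def make_lock(config: dict) -> dict:
    """Build the lockfile (name -> fingerprint) from a reviewed config."""
    return {n: fingerprint(s) for n, s in config.get("mcpServers", {}).items()}

def audit(config: dict, lock: dict) -> list:
    """Return (server, finding) tuples; an empty list means the config matches the pins."""
    findings, servers = [], config.get("mcpServers", {})
    for name in sorted(servers):
        if name not in lock:
            findings.append((name, "not in curated set"))
        elif fingerprint(servers[name]) != lock[name]:
            findings.append((name, "config drift"))
        for arg in servers[name].get("args", []):
            if arg.endswith(("@latest", ":latest")):  # unpinned package or image tag
                findings.append((name, "floating version: " + arg))
    for name in sorted(set(lock) - set(servers)):
        findings.append((name, "pinned but missing"))
    return findings

# Constructed sample data; names, packages and the "mcpServers" layout are assumptions.
REVIEWED = {"mcpServers": {
    "ioc-enrich": {"command": "npx", "args": ["-y", "example-ioc-mcp@1.4.2"],
                   "env": {"ENRICH_API_KEY": "constructed-old-value"}},
    "ticketing": {"command": "docker", "args": ["run", "--rm", "example/ticket-mcp:2.0.1"]},
}}
CURRENT = {"mcpServers": {
    "ioc-enrich": {"command": "npx", "args": ["-y", "example-ioc-mcp@1.4.2"],
                   "env": {"ENRICH_API_KEY": "constructed-rotated-value"}},
    "ticketing": {"command": "docker", "args": ["run", "--rm", "example/ticket-mcp:latest"]},
    "shell-helper": {"command": "npx", "args": ["-y", "example-shell-mcp@0.3.0"]},
}}
LOCK = make_lock(REVIEWED)

if __name__ == "__main__":
    for server, finding in audit(CURRENT, LOCK):
        print(f"{server}: {finding}")
```

Commit the lockfile next to the custom tools in Git, and run the audit in CI so that a changed or newly added server needs a reviewed lockfile update.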