Install tirith and protect your terminal in under 2 minutes.
Choose your platform and preferred installation method:
Add to your shell profile to activate tirith. Every command you run is now guarded.
| Shell | Hook Type | Tested On |
|---|---|---|
| zsh | preexec + paste widget | 5.8+ |
| bash | preexec (two modes) | 5.0+ |
| fish | fish_preexec event | 3.5+ |
| PowerShell | PSReadLine handler | 7.0+ |
Tirith must be in your $PATH — the shell hooks call tirith by name at runtime.
Open a new terminal and run the doctor command to verify everything is working:
Test detection by scanning a suspicious command:
The domain above contains a Cyrillic a (U+0430) — tirith detects this as a homograph attack.
Normal commands are invisible — zero output, zero latency:
Protect AI coding agents with one command:
See the MCP Integration docs for detailed per-tool setup guides.
If you have a paid subscription, activate it with your license key:
Your signed token is available in your account dashboard after purchase. All detection rules run at every tier — paid plans add enrichment features like checkpoints, audit reports, and remote policy distribution.