Install tirith and protect your terminal in under 2 minutes.
Choose your platform and preferred installation method:
Add to your shell profile to activate tirith. Every command you run is now guarded.
| Shell | Hook Type | Tested On |
|---|---|---|
| zsh | preexec + paste widget | 5.8+ |
| bash | preexec (two modes) | 5.0+ |
| fish | fish_preexec event | 3.5+ |
| PowerShell | PSReadLine handler | 7.0+ |
Tirith must be in your $PATH. The shell hooks call tirith by name at runtime.
Open a new terminal and run the doctor command to verify everything is working:
Run tirith onboard to detect your repo and environment (shell, IDE configs, AI-config files, package managers, CI, MCP) and get a recommended policy template. It's read-only by default; --apply walks you through it with per-step confirmation.
Test detection by scanning a suspicious command:
The domain above contains a Cyrillic a (U+0430). Tirith detects this as a homograph attack.
Normal commands are invisible, with zero output and zero latency:
Protect AI coding agents with one command:
See the MCP Integration docs for detailed per-tool setup guides.
If you have a paid subscription, activate it with your license key:
Your signed token is available in your account dashboard after purchase. All detection rules run at every tier. Paid plans add enrichment features like checkpoints, audit reports, and remote policy distribution.