Your browser would catch this.
Your terminal won't.
Tirith intercepts commands and pastes in your terminal, detecting homograph attacks, pipe-to-shell patterns, ANSI injection, and 30+ other threats — in under 1ms.
See It In Action
Click a scenario to see how Tirith responds.
What It Catches
11 threat categories covering every angle of terminal attack surface.
Hostname
Homograph attacks, punycode, confusable characters, IDN spoofing
Path
Non-ASCII paths, homoglyphs, encoded traversal sequences
Transport
Insecure HTTP, TLS downgrades, URL shorteners, data URIs
Terminal
ANSI injection, bidi overrides, zero-width chars, control sequences
Command
Pipe-to-shell, dotfile persistence, archive bombs, code substitution
Environment
Proxy hijacking and environment variable manipulation
Ecosystem
Git, Docker, pip, npm, Web3 — supply-chain attack surface
Config Security
AI config poisoning, prompt injection, MCP server validation
Rendered Content
Hidden CSS, color-matched text, comment instructions, PDF hidden text
Cloaking
Server-side cloaking detection — different content for bots vs browsers
Policy
Custom blocklists and organizational security policies
How It Works
A 3-tier pipeline that balances speed with thoroughness.
Fast Gate
Regex-powered initial filter eliminates 99% of clean commands instantly.
Extract
Parses URLs, Docker references, and package identifiers from complex commands.
Analyze
66 rules across 11 categories — homographs, injection, supply-chain, config poisoning, cloaking, and more.
AI Agent Security
Protect AI coding agents at every layer — from the configs they read to the commands they execute. One command to set up. Zero friction on clean input.
MCP Server — 7 Tools
AI agents call these tools before taking action. Run tirith mcp-server to start.
tirith_check_command
Analyze shell commands
tirith_check_url
Score URLs for attacks
tirith_check_paste
Check pasted content
tirith_scan_file
Scan files for hidden content
tirith_scan_directory
Recursive directory scan
tirith_verify_mcp_config
Validate MCP configs
tirith_fetch_cloaking
Detect server-side cloaking
Config Poisoning
Scans 50+ AI config file patterns for prompt injection, invisible Unicode, and permission bypass attempts.
Hidden Content
Detects content invisible to humans but readable by AI — CSS hiding, color tricks, sub-pixel PDF text.
Server Cloaking
Compares responses across 6 user-agents to catch servers that serve different content to AI bots vs browsers.
One Command Setup
Free for Everyone. Built for Teams.
All detection rules run at every tier. Paid plans add compliance, policy distribution, and enterprise integrations.
Community
Free forever
Everything you need for terminal security. No account required.
- ✓Full detection engine (all 66 rules)
- ✓Shell hooks — Bash, Zsh, Fish, PowerShell
- ✓MCP server for AI coding tools
- ✓Local JSONL audit log
- ✓YAML policy system
- ✓SARIF output for CI/CD
- ✓Zero network calls — fully offline
- ✓Cross-platform — macOS, Linux, Windows
- ✓Open source
Team / Enterprise
Contact us
Everything in Community, plus:
- MITRE ATT&CK technique mapping
- Remote policy distribution
- Centralized audit log collection
- Custom DLP redaction patterns
- Webhooks — Slack, Teams, PagerDuty
- SSO/SAML — Okta, Azure AD
- Air-gapped / on-premises deployment
- Dedicated account manager & SLA
Installation
Install Tirith with your favorite package manager.
brew install sheeki03/tap/tirith
Shell Activation
# zsh (~/.zshrc) eval "$(tirith init --shell zsh)" # bash (~/.bashrc) eval "$(tirith init --shell bash)" # fish (~/.config/fish/config.fish) tirith init --shell fish | source