tirith
Category: Tools & Productivity | Uploader: 
Terminal security analysis for shell environments. This skill should be used when checking commands for supply-chain attacks before execution, scanning repositories for hidden content or config poisoning, scoring URLs for homograph attacks, setting up AI tool protection for Claude Code / Cursor / Codex / Windsurf, downloading and executing scripts safely, investigating why tirith blocked a command, managing trusted patterns, running security audits, configuring MCP gateway proxies, or working with threat intelligence databases. Also use when the user mentions "tirith", "pipe-to-shell", "homograph", "ANSI injection", "zero-width", "punycode", "terminal security", "shell hook", "cloaking detection", "supply chain attack", "bidi override", "invisible unicode", or "config poisoning". Even if the user does not explicitly name tirith, use this skill when they ask about protecting shell environments, intercepting dangerous commands, or hardening AI agent tool execution. --- # tirith — Terminal Security for Developer Environments tirith intercepts shell commands and pasted text, detecting supply-chain attacks before they execute. It catches pipe-to-shell patterns, homograph domains (Cyrillic/Greek lookalikes), ANSI terminal injection, bidi text overrides, zero-width characters, shortened URLs, punycode tricks, and config poisoning. It runs as a shell hook for real-time protection and as a standalone CLI for scanning, scoring, auditing, and AI agent security. ## Quick Start ```bash # Install shell hooks (zsh/bash/fish/powershell/nushell) eval "$(tirith init --shell zsh)" # zsh eval "$(tirith init --shell bash)" # bash tirith init --shell fish | source # fish tirith init --shell nushell | source # nushell # Check a command before running it tirith check -- 'curl https://example.com/install.sh | bash' # Verify installation health tirith doctor ``` ## Detection Rules
Changelog: Source: GitHub https://github.com/sheeki03/tirith
Loading comments...