Installation
Vectra Guard installs to ~/.local/bin by default. Ensure this directory is in your PATH.
Install Vectra Guard
# One-line install (macOS & Linux)
curl -fsSL https://raw.githubusercontent.com/xadnavyaai/vectra-guard/main/install.sh | bash
# Verify installation
vg versionPrerequisites: curl or wget is required. The installer automatically detects your OS and architecture.
Initialize Configuration
Create a local configuration file and CVE cache for your project:
Initialize Project
# Initialize local config
vg init --local
# Sync CVE database
vg cve sync --path .This creates .vectra-guard/ in your project with configuration and CVE cache.
Seed Agent Instructions
Configure AI coding assistants (Cursor, Copilot, etc.) to use Vectra Guard:
Configure AI Agents
# Seed instructions for AI agents
vg seed agents --target . --targets "agents,cursor"
# This creates:
# - .cursorrules (Cursor AI rules)
# - .agents/AGENTS.md (Generic agent instructions)Run Your First Commands
Basic Usage
# Start a tracked session
SESSION=$(vg session start --agent "manual")
export VECTRAGUARD_SESSION_ID=$SESSION
# Scan for CVEs
vg cve scan --path .
# Execute commands safely
vg exec -- npm install
# Validate a script
vg validate scripts/deploy.sh
# View session activity
vg session show $SESSIONHow Protection Works
Default: Always Sandbox (Maximum Security)
All commands run in isolated sandbox by default with intelligent caching for 10x speedup.
sandbox:
enabled: true
mode: always # Default
enable_cache: true # 10x faster!Auto Mode (Balanced)
Low-risk commands run on host, medium/high-risk in sandbox automatically.
sandbox:
mode: auto # Smart routingTrust Store
Approve commands once, run them instantly forever.
# Trust a common command
vg trust add "npm test" --note "Safe"
# Runs on host (instant)
vg exec -- npm test