Skip to main content
Safe Chain integrates with your shell by sourcing startup scripts that wrap common package manager commands with their Aikido-protected equivalents.

Overview

When shell integration is active, the following commands are automatically wrapped: npm, npx, yarn, pnpm, pnpx, bun, bunx, pip, pip3, uv, poetry, pipx, python, python3 Each command is replaced by a shell function that delegates to the corresponding aikido-* binary (e.g., npm calls aikido-npm). Safe Chain also intercepts Python module invocations for pip: python -m pip, python -m pip3, python3 -m pip, and python3 -m pip3.

Supported shells

ShellStartup file
Bash~/.bashrc
Zsh~/.zshrc
Fish~/.config/fish/config.fish
PowerShell Core$PROFILE
Windows PowerShell$PROFILE

Setup commands

Run the following commands to manage shell integration:
1

Set up shell integration

safe-chain setup
This command:
  • Copies startup scripts to ~/.safe-chain/scripts/
  • Detects all supported shells on your system
  • Modifies each shell’s startup file to source the Safe Chain scripts
  • Adds interceptors so python -m pip[...] and python3 -m pip[...] route through Safe Chain
2

Restart your terminal

You must restart your terminal after running safe-chain setup for the changes to take effect. Shell functions defined in startup files are not active in the current session until the file is re-sourced.
3

Remove shell integration

To restore the original unprotected commands:
safe-chain teardown
This removes the Safe Chain entries from each detected shell’s startup file. Restart your terminal after running this command.

File locations modified

ShellFile modified
Bash~/.bashrc
Zsh~/.zshrc
Fish~/.config/fish/config.fish
PowerShell Core~/.config/powershell/profile.ps1 (resolved via $PROFILE)

Manual setup

For advanced users who prefer not to use safe-chain setup, you can add wrapper functions directly to your shell’s startup file. Shell functions take precedence over binaries in PATH, so defining an npm function intercepts all npm calls.

Package manager wrappers

Add the following pattern for each package manager. Repeat for npx, yarn, pnpm, pnpx, bun, bunx, pip, pip3, uv, poetry, and pipx using their respective aikido-* commands. 
# Example for Bash/Zsh
npm() {
  if command -v aikido-npm > /dev/null 2>&1; then
    aikido-npm "$@"
  else
    echo "Warning: safe-chain is not installed. npm will run without protection."
    command npm "$@"
  fi
}

Python module interception

To intercept python -m pip and python3 -m pip invocations without altering the Python binary itself, add these forwarding functions: 
# Example for Bash/Zsh
python() {
  if [[ "$1" == "-m" && "$2" == pip* ]]; then
    local mod="$2"; shift 2
    if [[ "$mod" == "pip3" ]]; then aikido-pip3 "$@"; else aikido-pip "$@"; fi
  else
    command python "$@"
  fi
}

python3() {
  if [[ "$1" == "-m" && "$2" == pip* ]]; then
    local mod="$2"; shift 2
    if [[ "$mod" == "pip3" ]]; then aikido-pip3 "$@"; else aikido-pip "$@"; fi
  else
    command python3 "$@"
  fi
}
After adding these functions, restart your terminal to apply the changes.
These shell functions only intercept invocations of python and python3 by name. Calls using absolute paths (e.g., /usr/bin/python -m pip) bypass shell functions entirely and will not be protected by Safe Chain.

Build docs developers (and LLMs) love

Get started for freeTalk to us