Inventory

Documentation Index

Fetch the complete documentation index at: https://docs.safedep.io/llms.txt

Use this file to discover all available pages before exploring further.

​

Prerequisites

• vet installed
• A SafeDep Cloud account with an API key and tenant domain (see Cloud quickstart)

​

Enable inventory sync

1

Configure SafeDep credentials

Run the interactive auth setup, passing your tenant domain as a flag:

vet auth configure --tenant <your-tenant-domain>

The tenant domain looks like your-team.your-org.safedep.io and is shown on your SafeDep Cloud settings page. You will be prompted to enter your API key interactively.Alternatively, set environment variables:

export SAFEDEP_API_KEY=<your-api-key>
export SAFEDEP_TENANT_ID=<your-tenant-domain>   # e.g. your-team.your-org.safedep.io

Verify credentials are working:

vet auth verify

A successful response means vet can reach SafeDep Cloud. If verification fails, check that your API key and tenant domain are correct.

2

Run an endpoint scan

vet endpoint scan

Example output

Discovered 6 item(s) across 3 app(s)

┌────────────────┬──────────────────┬───────────────┬─────────┬──────────────────────────────────────────────────┐
│ TYPE           │ NAME             │ APP           │ SCOPE   │ DETAIL                                           │
├────────────────┼──────────────────┼───────────────┼─────────┼──────────────────────────────────────────────────┤
│ Coding Agent   │ Claude Code      │ Claude Code   │ System  │ /home/user/.claude/settings.json                 │
│ MCP Server     │ my-server        │ Claude Code   │ System  │ stdio: npx my-server                             │
│ CLI Tool       │ Claude Code      │ Claude Code   │ System  │ /usr/local/bin/claude v2.1.0                     │
│ Coding Agent   │ Cursor           │ Cursor        │ System  │ /home/user/.cursor                               │
│ Agent Skill    │ golang-pro       │ claude-code   │ Project │ /home/user/project/.claude/skills/golang-pro     │
│ Agent Skill    │ security-review  │ Global Skills │ System  │ /home/user/.agents/skills/security-review        │
└────────────────┴──────────────────┴───────────────┴─────────┴──────────────────────────────────────────────────┘

vet endpoint scan delivers discovered items to SafeDep Cloud in the background. The command waits up to 30 seconds for delivery; if the timeout is reached, any undelivered items are retried automatically on the next run.

Without credentials, vet endpoint scan still runs and prints the local table. No data leaves the machine.

3

View inventory in SafeDep Cloud

Open app.safedep.io, select Endpoints in the sidebar, and pick your endpoint. Your endpoint appears in the list by your machine’s hostname. Open the Inventory tab to see discovered items.

If your endpoint is not listed, confirm credentials with vet auth verify and re-run the scan.

​

Common scan options

• Project scope only: vet endpoint scan --scope project -D /path/to/repo: limits discovery to project-level configs (e.g. .mcp.json, CLAUDE.md).
• System scope only: vet endpoint scan --scope system: skips project configs; faster on large repositories.
• AI tools only: vet endpoint scan --kind ai-tool: discovers coding agents, MCP servers, CLI tools, IDE extensions, and project config files; skips skill directories.
• Agent skills only: vet endpoint scan --kind agent-skill: discovers agent skill directories only.
• JSON report: vet endpoint scan --report-json inventory.json: writes a local file in addition to syncing.
• CI/CD: Set SAFEDEP_API_KEY and SAFEDEP_TENANT_ID as pipeline secrets. Ephemeral runners (e.g. GitHub-hosted) register as a new endpoint per run; self-hosted runners on a persistent host update the same endpoint.
• Suppress table output: vet endpoint scan --silent: runs and syncs without printing the local table.

​

Next steps