safedep CLI is the command line client for your tenant: it handles login, endpoint fleet visibility, and SQL queries over synced data. This guide takes you from a new account to your first query.
Create your tenant
Create an account
Sign up at app.safedep.io.
You do not need to create an API key by hand.
safedep auth login creates one during login. CI/CD integrations that need a static key can generate one at app.safedep.io/settings/api-keys.Install the safedep CLI
- Homebrew
- npm
Log in
Connect a data source
A new tenant is empty until a tool syncs data into it. Pick the source that matches what you want to see:Repository scans
Sync packages, vulnerabilities, and policy violations from
vet scan, locally or in CI/CDPackage installs
Track package manager activity on developer machines with PMG
AI tool inventory
Discover coding agents, MCP servers, and Agent Skills on endpoints with
vet endpoint scanGitHub App
Scan pull requests with zero setup and link the installation to your tenant
vet endpoint scan reports from a machine, check your fleet from the CLI:
Query your data
Query your tenant’s aggregated inventory and findings with SQL: projects, packages, endpoints, and security findings enriched with threat intelligence (vulnerabilities, EPSS, CISA KEV, OpenSSF Scorecard). For example, find your top remediation targets by critical CVE count:Prefer a UI? Run the same queries from the web console at app.safedep.io.
Next steps
Authentication Guide
Cloud authentication methods and API access patterns
Malware Analysis
Detect malicious packages in your dependencies with Cloud code analysis
Cloud FAQ
Answers to common questions
API Documentation
Integrate SafeDep Cloud with your own systems

