> ## Documentation Index
> Fetch the complete documentation index at: https://docs.safedep.io/llms.txt
> Use this file to discover all available pages before exploring further.

# What is SafeDep?

> SafeDep secures your open source software supply chain: block malicious packages, govern dependency risk, and control what AI coding agents can do.

SafeDep secures your open source software supply chain. It blocks malicious and vulnerable packages before they reach your code, gives you visibility and policy over the dependencies you ship, and helps you control what AI coding agents pull in and run.

Its core tools ([Vet](https://github.com/safedep/vet), [PMG](https://github.com/safedep/pmg), [xBom](https://github.com/safedep/xbom), and [Gryph](/ai-security/gryph-overview)) are free, open source, and usable without a SafeDep account. [SafeDep Cloud](/governance/cloud/overview) adds hosted policy, inventory, and org-wide visibility when your team is ready.

## Where to start

<CardGroup cols={2}>
  <Card title="Block malicious packages" icon="shield-halved" href="/package-security/overview">
    Stop malicious and vulnerable packages at install time and in CI/CD, with PMG and Vet.
  </Card>

  <Card title="Secure AI coding agents" icon="robot" href="/ai-security/overview">
    Discover, audit, and control what AI agents access and run, with Gryph and the MCP server.
  </Card>

  <Card title="Scan & govern dependencies" icon="magnifying-glass" href="/governance/overview">
    Scan repositories, SBOMs, and CI/CD for risk, and govern policy across your org with Vet and SafeDep Cloud.
  </Card>

  <Card title="How SafeDep works" icon="book" href="/concepts/malicious-package">
    Understand how SafeDep detects malicious packages, plus the core terms used across these docs.
  </Card>
</CardGroup>