CLI command reference

`sentrail init`

Interactive setup. Writes ~/.sentrail/config.json and prints the MCP config snippet.

sentrail init

Prompts:

Prompt	Description
Sentrail API key	Your `agk_…` gateway key from Settings → API Keys
Workspace ID	The UUID of your workspace
Upstream MCP server URL	The real MCP server allowed calls are forwarded to
Sentrail cloud URL	Defaults to the Sentrail cloud endpoint (change for self-hosted)
Local proxy port	Port the proxy listens on. Default: `3773`
Log level	`debug` \| `info` \| `warn` \| `error`. Default: `info`

Running init again preserves existing values — press enter to keep each current setting.

`sentrail start`

Start the local MCP interceptor proxy.

sentrail start

The proxy runs in the foreground on the configured port (default 3773). Every tools/call that passes through is logged with color-coded decisions. Press Ctrl+C to stop. Startup checks:

Config must exist (sentrail init first)
API key must be present and have the correct format (agk_…)
If no upstream MCP URL is configured, a warning is shown and forwarding will fail

`sentrail status`

Show current configuration (API key masked) and proxy state.

sentrail status

Output example:

Sentrail configuration

Config file    ~/.sentrail/config.json
API key        agk_test…abcd
Workspace      my-workspace-uuid
Upstream MCP   https://mcp.example.com/sse
Cloud URL      https://…supabase.co/functions/v1
Proxy port     3773
Log level      info

`sentrail demo`

Run a fully simulated demonstration. No cloud connection or upstream server required.

sentrail demo

Simulates four agent actions and shows the Sentrail decision for each:

rm -rf /tmp/sentrail-demo-dir → 🛑 BLOCKED (file.delete_recursive / critical)
git push --force origin main → ⏳ APPROVAL REQUIRED (prompts y/n in terminal)
psql -c 'DROP TABLE users' → 🛑 BLOCKED (sql.destructive / critical)
cat README.md → ✅ ALLOWED (shell.read / low)

No real commands are executed. Uses the local shell classifier only.

`sentrail test`

(Coming soon) Fire a simulated destructive action end-to-end against the live proxy and cloud, and verify it is blocked.

Configuration reference

Config file: ~/.sentrail/config.json — written with 0600 permissions (key is sensitive).

Field	Default	Description
`apiKey`	—	Sentrail gateway API key (`agk_…`). Required.
`workspaceId`	—	Your workspace UUID. Required.
`upstreamMcpUrl`	—	The upstream MCP server allowed calls are forwarded to.
`cloudUrl`	Sentrail cloud	Base URL of the Sentrail edge functions. Change for self-hosted.
`port`	`3773`	Local port the interceptor listens on.
`logLevel`	`info`	`debug` \| `info` \| `warn` \| `error`

Example ~/.sentrail/config.json:

{
  "apiKey": "agk_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
  "workspaceId": "550e8400-e29b-41d4-a716-446655440000",
  "upstreamMcpUrl": "https://mcp.yourserver.com/sse",
  "cloudUrl": "https://<project-ref>.supabase.co/functions/v1",
  "port": 3773,
  "logLevel": "info"
}

Sentrail CLI: local interceptor for AI coding agents How the local interceptor works

​sentrail init

​sentrail start

​sentrail status

​sentrail demo

​sentrail test

​Configuration reference