> ## Documentation Index
> Fetch the complete documentation index at: https://docs.ironrun.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# ironrun CLI Reference — Commands and Command Groups

> Complete reference for all ironrun commands: everyday secrets and run, agent trust and access tools, setup safety checks, and advanced audit operations.

The ironrun CLI is organized into four groups — **everyday**, **agents**, **setup**, and **advanced** — so you can find the right command for any task: managing secrets in the encrypted vault, controlling what AI agents can run, validating your policy file, or auditing what happened after the fact. Run `ironrun` with no arguments to open the global workspace TUI.

<CardGroup cols={2}>
  <Card title="run" icon="play" href="/cli/run">
    Execute a sealed policy command with secrets injected and output redacted
  </Card>

  <Card title="env" icon="lock" href="/cli/env">
    Create, switch, clone, import, and manage named secret environments
  </Card>

  <Card title="trust" icon="shield-check" href="/cli/trust">
    Grant and revoke trusted agent workspace sessions
  </Card>

  <Card title="access" icon="key" href="/cli/access">
    Manage per-command agent leases and secret requests
  </Card>

  <Card title="capsule" icon="envelope-open-text" href="/cli/capsule">
    Encrypt secrets into chat-safe one-time ciphertexts
  </Card>

  <Card title="audit" icon="list-check" href="/cli/audit">
    Verify the tamper-evident hash-chained execution log
  </Card>
</CardGroup>

## Command groups

### Everyday

| Command   | Description                                                    |
| --------- | -------------------------------------------------------------- |
| `open`    | Open the global workspace TUI for a specific project path      |
| `inbox`   | Open the agent-request Inbox in the TUI                        |
| `status`  | Value-blind summary of the current project and environment     |
| `add`     | Add a secret to the active environment via a masked prompt     |
| `import`  | Import key names from a `.env` file into the encrypted vault   |
| `file`    | Encrypt one owner-only file secret into the active environment |
| `new`     | Create and switch to a new persistent environment              |
| `session` | Create and switch to a 24-hour temporary environment           |
| `use`     | Switch the active environment                                  |
| `envs`    | List environment names and key names — never values            |
| `run`     | Execute a sealed command defined in `ironrun.yml`              |
| `tui`     | Open the global workspace TUI explicitly                       |
| `env`     | Full suite of environment management subcommands               |

### Agents and sharing

| Command  | Description                                                                        |
| -------- | ---------------------------------------------------------------------------------- |
| `trust`  | Manage broad, revocable trusted agent workspace sessions                           |
| `agents` | Manage strict per-command leases and secret requests (`access` is an alias)        |
| `share`  | Create encrypted one-use ciphertexts for chat transmission (`capsule` is an alias) |
| `mcp`    | Start the MCP stdio server for Claude Code, Cursor, Codex, and others              |
| `daemon` | Run ironrun as a background value-blind service                                    |
| `serve`  | Start the owner-only local Unix-socket API                                         |

### Setup and safety

| Command    | Description                                                         |
| ---------- | ------------------------------------------------------------------- |
| `setup`    | Initialize ironrun in the current project (`init` is an alias)      |
| `migrate`  | Preview or apply a reversible migration from v1 policies            |
| `doctor`   | Run read-only health checks: policy, provider auth, redaction, PATH |
| `validate` | Parse and validate the policy file without executing anything       |
| `lint`     | Security review of the policy: shell argv, missing TTL, open egress |

### Advanced

| Command    | Description                                      |
| ---------- | ------------------------------------------------ |
| `projects` | Manage registered project identities             |
| `audit`    | Verify the tamper-evident hash-chained audit log |
| `review`   | Review pending agent requests in the TUI         |
| `approve`  | Approve a pending request                        |
| `reject`   | Reject a pending request                         |
| `secrets`  | Inspect declared secret bindings from the policy |
| `version`  | Print version, commit, and build date            |

## Global flag

Every ironrun command accepts one global flag:

| Flag             | Default       | Description             |
| ---------------- | ------------- | ----------------------- |
| `--policy`, `-p` | `ironrun.yml` | Path to the policy file |

## Opening the TUI

Running `ironrun` with no arguments opens the global workspace TUI — environments, masked key names, approved commands, agent requests, leases, and audit state. Use arrow keys, `Enter`, `Escape`, and `Tab` to navigate; press `/` for the action palette and `?` for help.
