# ironrun ## Docs - [ironrun agents — Manage Agent Leases and Secret Requests](https://docs.ironrun.dev/cli/access.md): ironrun agents commands list, approve, deny, revoke, and fulfill strict per-command agent leases and secret requests for sensitive workflows. - [ironrun audit — Verify the Tamper-Evident Execution Log](https://docs.ironrun.dev/cli/audit.md): ironrun audit verify checks the hash-chained audit log for tampering. The log records every sealed execution — command and secret names, never values. - [ironrun share — Encrypt Secrets for Safe Chat Transmission](https://docs.ironrun.dev/cli/capsule.md): ironrun share creates short-lived ir1. ciphertexts so you can pass a secret value through chat without it appearing in plaintext in the agent transcript. - [ironrun env — Manage Encrypted Named Environments](https://docs.ironrun.dev/cli/env.md): ironrun env subcommands create, switch, clone, import, and manage named secret environments in the encrypted local vault. Values are never revealed. - [ironrun CLI Reference — Commands and Command Groups](https://docs.ironrun.dev/cli/overview.md): Complete reference for all ironrun commands: everyday secrets and run, agent trust and access tools, setup safety checks, and advanced audit operations. - [ironrun run — Execute a Sealed Command with Secrets](https://docs.ironrun.dev/cli/run.md): ironrun run executes a command defined in ironrun.yml with secrets injected and all output redacted. Key flags: --set to override the active environment. - [ironrun trust — Manage Trusted Agent Workspace Sessions](https://docs.ironrun.dev/cli/trust.md): ironrun trust commands grant, pause, extend, and revoke two-hour workspace sessions so AI agents can run commands without per-command approval. - [Managing Project Environments and Secrets in ironrun](https://docs.ironrun.dev/concepts/environments.md): ironrun organizes secrets into named environments like dev, staging, and session. Switch between them, create sessions, and manage the full lifecycle. - [How ironrun Keeps Your Secrets Out of Agent Context](https://docs.ironrun.dev/concepts/how-it-works.md): ironrun sits between AI agents and the shell, injecting secrets at runtime and redacting every credential value from output before the agent sees it. - [Configuring Approved Commands and Secrets in ironrun.yml](https://docs.ironrun.dev/concepts/policy-file.md): ironrun.yml defines approved commands, secret references, timeouts, and security constraints. Learn every field with real-world YAML examples. - [Secret Providers: Where ironrun Resolves Credentials](https://docs.ironrun.dev/concepts/secret-providers.md): Configure ironrun to read secrets from 1Password, Doppler, Infisical, HashiCorp Vault, env files, or the shell environment. One provider per policy file. - [Configure ironrun MCP for Claude Code, Cursor, Codex](https://docs.ironrun.dev/guides/agent-setup.md): Configure ironrun as an MCP server for Claude Code, Cursor, and Codex so AI agents use run_sealed instead of reading secrets from the shell environment. - [Using ironrun for Sealed Execution in GitHub Actions](https://docs.ironrun.dev/guides/ci-github-actions.md): Run sealed commands in GitHub Actions. ironrun blocks fork pull requests from accessing secrets and redacts all credential values from CI job logs. - [Store and Materialize Encrypted File Secrets in ironrun](https://docs.ironrun.dev/guides/file-secrets.md): Store files like service account JSON as encrypted secrets. ironrun materializes them in isolated owner-only temp directories only while a command runs. - [Import .env Files into ironrun's Encrypted Secret Vault](https://docs.ironrun.dev/guides/importing-secrets.md): Import credentials from existing .env files into ironrun's encrypted vault using ironrun import. Keys are previewed; values are never displayed. - [Automate ironrun via the Local Unix Socket HTTP API](https://docs.ironrun.dev/guides/local-curl-api.md): ironrun exposes a local Unix socket HTTP API for scripted status checks, sealed execution, and access management from shell scripts and CI tools. - [ironrun Installation: Linux, macOS, Windows, and Go](https://docs.ironrun.dev/installation.md): Install ironrun using the verified curl installer, Go toolchain, or npm. Supports Linux, macOS (Intel and Apple Silicon), and Windows x86_64. - [ironrun: Sealed Command Execution for AI Coding Agents](https://docs.ironrun.dev/introduction.md): ironrun injects secrets into child processes and redacts them from all output, so AI agents can run commands without ever reading credential values. - [ironrun MCP Server: Value-Blind Tools for AI Agents](https://docs.ironrun.dev/mcp/overview.md): ironrun exposes MCP tools so AI agents can run commands and use secrets without receiving raw values. Start the server with ironrun mcp. - [propose_command — Let Agents Suggest New Policy Commands](https://docs.ironrun.dev/mcp/propose-command.md): The propose_command MCP tool stages a new command for human review. Nothing runs until a human approves it with ironrun approve in their terminal. - [run_sealed: Execute Commands Without Exposing Secrets](https://docs.ironrun.dev/mcp/run-sealed.md): The run_sealed tool runs commands with secrets injected below agent visibility. Returns exit code, duration, and redacted stdout and stderr. - [Workspace Access MCP Tools: Request and Check Trust](https://docs.ironrun.dev/mcp/workspace-access.md): request_workspace_access and workspace_status let agents request a trusted session and query project and environment metadata. No secret values returned. - [Get Started with ironrun: Sealed Execution in 5 Minutes](https://docs.ironrun.dev/quickstart.md): Install ironrun, run setup in your project directory, and execute your first sealed command with secrets injected and redacted from agent output. - [Common ironrun Errors: Causes and Fixes for Developers](https://docs.ironrun.dev/troubleshooting/common-errors.md): Fixes for the most common ironrun errors: op not found, secret resolution failures, command timeouts, shell rejections, and agents ignoring run_sealed. - [ironrun doctor — Diagnose Configuration Problems](https://docs.ironrun.dev/troubleshooting/doctor.md): ironrun doctor runs read-only checks: policy parsing, provider auth, redaction self-test, and binary resolution. Run it first when something breaks.