Getting Started

Installation

Install Sandtrace from source using Cargo:

git clone https://github.com/sandtrace/sandtrace.git
cd sandtrace
cargo build --release

Or install directly:

cargo install sandtrace

Your First Scan

Run a full scan of your development environment:

sandtrace scan

This will check:

• Credential stores and environment variables
• MCP configurations for Claude, Cursor, Continue, and Windsurf
• npm dependencies for typosquatted packages
• Git templates for hook injection
• Source files for obfuscation patterns

Next Steps

• Configuration — Customize scan behavior
• Detection Rules — Understand what Sandtrace detects
• CLI Reference — Full command documentation