# Introduction to Safety **Safety secures developer workstations for the age of AI-driven development — giving security teams instant visibility, threat protection, and governance over every package, extension, AI tool, and MCP server across your organization.** ## What is Safety Endpoint Security? AI Workstation Security is a security platform that silently deploys across your teams' workstations to discover, secure, and protect everything developers, analysts and AI agents install and use in their development environments. In the age of AI-assisted ("vibe") coding, workstations are filled with packages, extensions, and tools suggested and installed by AI agents — often without security review. Safety gives you complete observability and control, without requiring any changes to your developers' workflows. ### What Safety Endpoint Security Discovers * **Python Packages** — all PyPI-based packages across virtual environments, global installations, and project dependencies. * **JavaScript Packages** — all NPM-based packages, including globally installed tools and project dependencies. * **Package Managers** — pip, uv, poetry, npm, yarn, pnpm, conda, and more * **IDEs** — VS Code, Cursor, and other IDEs * **\[Coming Soon] Codebases** * **\[Coming Soon] IDE Extensions** — VS Code, Cursor, and other IDE extensions analyzed for potential vulnerabilities. * **\[Coming Soon] AI Assistants** — Inventory of AI coding tools such as Cursor, Claude Code, Codex, and others. * **\[Coming Soon] AI Models** — Deployed AI models (e.g., from Hugging Face) scanned for security risks. * **\[Coming Soon] MCP Servers** — Monitoring and inventory of Model Context Protocol server configurations. ### What Safety Endpoint Security Protects and Governs * **Package installations** — Package managers including pip, uv, poetry, npm are wrapped and protected. Every package install is intercepted, analyzed in realtime, and checked against organizational or project policies, all before installation. This pro-active security and governance protects workstations from malicious packages such as XZ Utils Backdoor or Sha-Hulud. * **\[Coming Soon] AI Assistant and AI Agent package dependencies** — AI Assistants and AI Agents are given direct access to Safety’s Proprietary Intelligence data on package risk, known vulnerabilities, and your organization’s policies. This means * **\[Coming Soon] IDE and AI Assistants** * **\[Coming Soon] IDE Extension installations and use** * **\[Coming Soon] MCP tool use** ## How Safety Endpoint Security works Safety AI Workstation Client deploys silently and agentlessly across macOS, Windows, Linux, WSL, Docker, and virtual desktops. It unobtrusively indexes all software on each workstation and wraps package installers (pip, npm, VS Code Extensions, etc.) to block malicious or unapproved software — all with zero friction and no tool changes for developers. It can also installs Security & Risk Intelligence MCP tool into every AI Assistant and AI Agent on the workstation, ensuring that *** ## Core Capabilities ### Workstation Scanning & Inventory Get a complete, real-time inventory of every package, extension, AI model, MCP server, and AI tool installed across all developer workstations in your organization. ### Malicious Package Protection ([Safety Firewall](https://docs.safetycli.com/safety-docs/firewall/introduction-to-safety-firewall)) Safety Firewall wraps package managers and acts as a security filter between public repositories and your developers. Every package installation request is analyzed in real-time, blocking malicious, vulnerable, and non-compliant packages before they're installed. {% content-ref url="firewall/introduction-to-safety-firewall" %} [introduction-to-safety-firewall](https://docs.safetycli.com/safety-docs/firewall/introduction-to-safety-firewall) {% endcontent-ref %} ### Vulnerability Scanning ([Safety CLI](https://docs.safetycli.com/safety-docs/safety-cli/introduction-to-safety-cli-vulnerability-scanning)) Safety scans your dependencies for known vulnerabilities, leveraging the industry's most comprehensive vulnerability database — covering 3x more vulnerabilities than competitors like Dependabot, pip-audit, Snyk, and OSV. Safety CLI can be deployed in minutes and provides clear, actionable remediation recommendations. {% content-ref url="safety-cli/introduction-to-safety-cli-vulnerability-scanning" %} [introduction-to-safety-cli-vulnerability-scanning](https://docs.safetycli.com/safety-docs/safety-cli/introduction-to-safety-cli-vulnerability-scanning) {% endcontent-ref %} ### Governance & Compliance Identify risks including known vulnerabilities, copyleft licensing issues, and malicious software. Govern what can and cannot be installed across your organization's developer workstations and build pipelines. *** ## Why Safety? | **Challenge** | **How Safety Helps** | | ------------------------------------------------ | ----------------------------------------------------------------------- | | AI agents install unvetted packages | Real-time blocking of malicious and vulnerable packages at install time | | No visibility into what's on developer machines | Complete workstation inventory across all ecosystems | | Typosquatting & dependency confusion attacks | Pre-screening every package before installation | | Compromised trusted packages | Continuous monitoring with the industry's deepest vulnerability data | | IDE extensions and MCP servers as attack vectors | Discovery and risk analysis of developer tooling beyond just packages | *** ## Supported Platforms | Platform | Support | | ---------------- | ------- | | macOS | ✅ | | Windows | ✅ | | Linux | ✅ | | WSL | ✅ | | Docker | ✅ | | Virtual Desktops | ✅ | *** ## Get Started {% hint style="success" %} ### Get Started with a 7-Day Free Trial [Click here to create an account and access a 7-day Free Trial.](https://platform.safetycli.com/register/) {% endhint %} {% hint style="info" %} ### Book a Demo [See Safety in action with a guided demo.](https://getsafety.com/) {% endhint %} ### Guides {% content-ref url="firewall/introduction-to-safety-firewall" %} [introduction-to-safety-firewall](https://docs.safetycli.com/safety-docs/firewall/introduction-to-safety-firewall) {% endcontent-ref %} {% content-ref url="firewall/installation-and-configuration" %} [installation-and-configuration](https://docs.safetycli.com/safety-docs/firewall/installation-and-configuration) {% endcontent-ref %} {% content-ref url="safety-cli/introduction-to-safety-cli-vulnerability-scanning/quick-start-guide" %} [quick-start-guide](https://docs.safetycli.com/safety-docs/safety-cli/introduction-to-safety-cli-vulnerability-scanning/quick-start-guide) {% endcontent-ref %} {% content-ref url="safety-cli/scanning-for-vulnerable-and-malicious-packages/viewing-scan-results" %} [viewing-scan-results](https://docs.safetycli.com/safety-docs/safety-cli/scanning-for-vulnerable-and-malicious-packages/viewing-scan-results) {% endcontent-ref %} {% content-ref url="safety-cli/scanning-for-vulnerable-and-malicious-packages/available-commands-and-inputs" %} [available-commands-and-inputs](https://docs.safetycli.com/safety-docs/safety-cli/scanning-for-vulnerable-and-malicious-packages/available-commands-and-inputs) {% endcontent-ref %} *** {% hint style="info" %} ### Upgrade to Safety 3.7.0 [Safety 3.7.0](https://docs.safetycli.com/safety-docs/safety-cli/introduction-to-safety-cli-vulnerability-scanning) is now available. The minimum version required to run Safety Firewall is 3.5.0. To upgrade, use `pip install -U safety` or `uv tool install safety==3.7.0` For details on upgrading from Safety CL 2.x to Safety CLI 3.x, [refer to our migration guide](https://docs.safetycli.com/safety-docs/safety-cli/introduction-to-safety-cli-vulnerability-scanning/migrating-from-safety-cli-2.x-to-safety-cli-3.x). {% endhint %}