Introduction to Safety
Safety secures developer workstations for the age of AI-driven development — giving security teams instant visibility, threat protection, and governance over every package, extension, AI tool, and MCP server across your organization.
What is Safety Endpoint Security?
AI Workstation Security is a security platform that silently deploys across your teams' workstations to discover, secure, and protect everything developers, analysts and AI agents install and use in their development environments.
In the age of AI-assisted ("vibe") coding, workstations are filled with packages, extensions, and tools suggested and installed by AI agents — often without security review. Safety gives you complete observability and control, without requiring any changes to your developers' workflows.
What Safety Endpoint Security Discovers
Python Packages — all PyPI-based packages across virtual environments, global installations, and project dependencies.
JavaScript Packages — all NPM-based packages, including globally installed tools and project dependencies.
Package Managers — pip, uv, poetry, npm, yarn, pnpm, conda, and more
IDEs — VS Code, Cursor, and other IDEs
[Coming Soon] Codebases
[Coming Soon] IDE Extensions — VS Code, Cursor, and other IDE extensions analyzed for potential vulnerabilities.
[Coming Soon] AI Assistants — Inventory of AI coding tools such as Cursor, Claude Code, Codex, and others.
[Coming Soon] AI Models — Deployed AI models (e.g., from Hugging Face) scanned for security risks.
[Coming Soon] MCP Servers — Monitoring and inventory of Model Context Protocol server configurations.
What Safety Endpoint Security Protects and Governs
Package installations — Package managers including pip, uv, poetry, and npm are wrapped and protected. Every package install is intercepted, analyzed in real time, and checked against organizational or project policies, all before installation. This proactive security and governance protects workstations from malicious packages such as the XZ Utils backdoor or Shai-Hulud.
[Coming Soon] AI Assistant and AI Agent package dependencies — AI Assistants and AI Agents are given direct access to Safety’s Proprietary Intelligence data on package risk, known vulnerabilities, and your organization’s policies. This means
[Coming Soon] IDE and AI Assistants
[Coming Soon] IDE Extension installations and use
[Coming Soon] MCP tool use
How Safety Endpoint Security works
Safety AI Workstation Client deploys silently and agentlessly across macOS, Windows, Linux, WSL, Docker, and virtual desktops. It unobtrusively indexes all software on each workstation and wraps package installers (pip, npm, VS Code Extensions, etc.) to block malicious or unapproved software — all with zero friction and no tool changes for developers.
It can also install the Security & Risk Intelligence MCP tool into every AI Assistant and AI Agent on the workstation, ensuring that
Core Capabilities
Workstation Scanning & Inventory
Get a complete, real-time inventory of every package, extension, AI model, MCP server, and AI tool installed across all developer workstations in your organization.
Malicious Package Protection (Safety Firewall)
Safety Firewall wraps package managers and acts as a security filter between public repositories and your developers. Every package installation request is analyzed in real-time, blocking malicious, vulnerable, and non-compliant packages before they're installed.
Introduction to Safety Firewall
Vulnerability Scanning (Safety CLI)
Safety scans your dependencies for known vulnerabilities, leveraging the industry's most comprehensive vulnerability database — covering 3x more vulnerabilities than competitors like Dependabot, pip-audit, Snyk, and OSV. Safety CLI can be deployed in minutes and provides clear, actionable remediation recommendations.
Introduction to Safety CLI Vulnerability Scanning
Governance & Compliance
Identify risks including known vulnerabilities, copyleft licensing issues, and malicious software. Govern what can and cannot be installed across your organization's developer workstations and build pipelines.
Why Safety?
| Challenge | How Safety Helps |
| --- | --- |
| AI agents install unvetted packages | Real-time blocking of malicious and vulnerable packages at install time |
| No visibility into what's on developer machines | Complete workstation inventory across all ecosystems |
| Typosquatting & dependency confusion attacks | Pre-screening every package before installation |
| Compromised trusted packages | Continuous monitoring with the industry's deepest vulnerability data |
| IDE extensions and MCP servers as attack vectors | Discovery and risk analysis of developer tooling beyond just packages |
Supported Platforms
| Platform | Supported |
| --- | --- |
| macOS | ✅ |
| Windows | ✅ |
| Linux | ✅ |
| WSL | ✅ |
| Docker | ✅ |
| Virtual Desktops | ✅ |
Guides
Introduction to Safety Firewall
Installation and Configuration
Quick Start Guide
Viewing Scan Results
Available Commands and Inputs
Upgrade to Safety 3.7.0
Safety 3.7.0 is now available. The minimum version required to run Safety Firewall is 3.5.0. To upgrade, use `pip install -U safety` or `uv tool install safety==3.7.0`.
For details on upgrading from Safety CLI 2.x to Safety CLI 3.x, refer to our migration guide.