Welcome to Rafter
Rafter is the security toolkit built for AI coding agents. It sits between your agent and your codebase — scanning for secrets, intercepting dangerous commands, enforcing policies, and logging every security event. One command installs across 9 platforms. Free forever. No account, no telemetry, works offline.Set up agent security
Install Rafter and secure your agents in under a minute.
Two Capabilities
Agent Security (Free, No Account)
Secret scanning, command interception, policy enforcement, extension auditing, MCP server, pre-commit hooks, and audit logging. Works offline. Supports Claude Code, Codex CLI, Gemini CLI, Cursor, Windsurf, Continue.dev, Aider, and OpenClaw.
Remote Code Analysis (API)
Agentic deep-dive audits backed by a full SAST/SCA toolchain. The engine analyzes your codebase like a professional cybersecurity auditor — tracing data flows, reasoning about business logic — then cross-references with static analysis and dependency scanning. Structured reports in JSON or Markdown.
Agent-First Design
Stable Output Contract
JSON to stdout, status to stderr, documented exit codes. Agents classify outcomes without parsing prose.
Deterministic Results
Same inputs produce the same findings for a given CLI version. No flaky scans, no surprises.
9 Platforms, One Command
rafter agent init --all auto-detects and installs across every supported agent and IDE.Platform Integrations
Claude Code
PreToolUse hooks and security skills.
Codex CLI
Security skills for OpenAI Codex.
MCP Clients
Cursor, Windsurf, Gemini CLI, Continue.dev, Aider, Claude Desktop, Cline.
Quick Start
Full Quick Start Guide
Detailed setup including remote scanning, CI/CD, and API access.
More Resources
CLI Reference
All commands at a glance.
REST API
Programmatic scanning for custom integrations.
CI/CD
GitHub Actions, GitLab CI, CircleCI.