Skip to main content

CLI Reference

Applies to SDK 0.16+ · Last updated: 2026-06-12

The agentnode CLI ships with the SDK (pip install agentnode-sdk). Commands are grouped by task below. Running agentnode with no command shows a status dashboard; global flags --version and --no-color apply to every command.

The five you will use most:

terminal
$ agentnode setup                  # one-time interactive setup
$ agentnode search "pdf"           # find a capability
$ agentnode install pdf-reader-pack
$ agentnode run pdf-reader-pack --input '{"file_path":"report.pdf"}'
$ agentnode auth status            # check configured providers

New here? Start with the Quick Start — this page is the full reference.

Setup & configuration

CommandDescription
agentnode setupInteractive wizard covering all first-class settings as multiple-choice prompts with recommended defaults: install behavior, trust level, permissions, guard posture, credentials, sandbox and host_trust_policy, plus an advanced gate. Skippable — accepting the recommendations reproduces today's config.
agentnode config listShow all settings with their descriptions and allowed values.
agentnode config get <key>Read one config value.
agentnode config set <key> <value>Set a config value, e.g. config set llm.default_provider ollama.
agentnode config set sandbox.host_trust_policy <default|curated_only|none>Choose which trust tiers may run directly on your host; stricter values sandbox trusted/curated (fail-closed, reinstall may be needed).
agentnode doctor [--fix] [--json]Diagnose your setup and detect missing capabilities. --fix auto-installs suggestions.
agentnode resetReset the local configuration to defaults.

Find, install & run

CommandDescription
agentnode search <query>Full-text search of the registry.
agentnode discover [--trending] [--new] [--category <c>] [--type toolpack|agent]Browse trending, newly published, or categorized packages.
agentnode resolve <capability...> [--framework <f>] [--json]Rank packages for one or more capability IDs using the scoring engine.
agentnode recommend [--json]Suggest packages that complement what you already have installed.
agentnode install <slug> [--version <v>] [--yes]Install a package: policy check, download, SHA-256 verify, lockfile update.
agentnode run <slug | task> [--input <json>] [--file <path>] [--explain] [--dry-run] [--raw] [--json]Run an installed tool (by slug) or a natural-language task. Runs in subprocess isolation.
agentnode remove <slug> [--yes]Remove an installed package from the lockfile.

Inspect & history

CommandDescription
agentnode inspect <slug> [--json]Security report for an installed package: trust, permissions, risk, signature, policy/guard preview.
agentnode capabilitiesList installed packages. capabilities show <name> prints details for one.
agentnode skill listList installed skills. skill show <slug> [--render KEY=VALUE] [--raw] renders a skill prompt.
agentnode logs [run_id] [--limit <n>] [--json]Show agent run logs, or details for one run_id.
agentnode audit [--limit <n>] [--event <e>] [--slug <s>] [--action allow|deny|prompt] [--tool <t>] [--json]Read the Guard/policy decision trail from ~/.agentnode/audit.jsonl.

Trust & safety

CommandDescription
agentnode auth set <provider> [--from-env <VAR>]Store a provider credential (entered hidden). --from-env imports an existing env var.
agentnode auth listShow configured credentials (no secrets shown).
agentnode auth statusShow every provider and its effective source (env vs stored).
agentnode auth test <provider>Validate a key via a free endpoint; for Ollama, a localhost reachability check.
agentnode auth remove <provider>Delete a stored credential.
agentnode guard policy|status [--json]Show the resolved guard policy, or the recent guard activity summary.
agentnode guard set <action> <allow|prompt|deny> [--tool <key>]Set a guard action policy, globally or per tool.
agentnode guard unset [<action>] --tool <key>Remove a per-tool guard override (one action, or all for that tool).
agentnode guard check <slug/tool> [--action <a>] [--json]Dry-run the guard decision for a tool without executing it.
agentnode guard resetReset guard policies to defaults.
agentnode lock seal [--force]Compute integrity hashes for all lockfile entries.
agentnode lock verify [--strict] [--online] [--json]Verify lockfile integrity; --online checks publisher key status against the registry.
agentnode sandbox pullExplicitly pull the digest-pinned sandbox image (no auto-pull).
agentnode sandbox doctor [<slug>] [--json]Diagnose sandbox readiness (now host-trust-policy aware), optionally for one package.
agentnode sandbox statusOne-line sandbox readiness check.

Build & publish

CommandDescription
agentnode init [name] [--type local|api|file|agent|skill]Scaffold a new package from a template.
agentnode validate [path]Validate a manifest offline; check cases and predict the maximum achievable tier.
agentnode record-cases [path] [--strict]Record VCR cassettes for API verification cases. --strict fails on detected secrets.
agentnode verify-local [path]Run the full verification pipeline locally (install, import, smoke, tests, scoring).
agentnode publish [path] [--dry-run] [--skip-validate] [--token <key>] [--yes]Publish a package to the registry. --yes is required for non-interactive/CI publish.
agentnode mcp doctor <slug> [--skip-start] [--json]Check an MCP server's readiness.
agentnode mcp verify [path] [--test] [--json]Verify an MCP agentnode.yaml manifest; --test runs a protocol test.
agentnode mcp submit [path] [--test] [--token <key>] [--dry-run]Submit an MCP server for catalog review.
agentnode mcp status <submission_id> [--token <key>] [--json]Check the status of an MCP submission.

Full publishing walkthrough: Publishing Guide and Package Verification.

Advanced

CommandDescription
agentnode serveRun AgentNode itself as an MCP server over stdio.