Automic Vault

Installer trace

Trace shell installers before they touch disk

Run av trace on a curl-pipe-shell one-liner to see the file-changing actions it is likely to perform: downloads, writes, chmods, installs, service changes, and generated executables.

Last updated: June 1, 2026

av trace helps developers inspect shell installers before an AI agent runs them. It summarizes file-changing behavior from installer scripts so risky curl-pipe-shell workflows can be reviewed before execution.

Automic Vault terminal showing installer trace output

Curl pipe shell

Explain the installer behind the one-liner.

curl URL | sh hides the part that matters. av trace recognizes simple curl-to-shell commands, fetches the script for analysis, and asks a local Codex or Claude agent to summarize the consequential file changes.

Static analysis

Do not run it

The installer command is interpreted for trace output. The script is downloaded for inspection, not executed as an install.

File changes

Keep the signal

Trace output focuses on writes, deletes, moves, permissions, installs, service files, and generated executables.

Network context

Show the fetch

Network calls stay in the summary when they explain a file-changing step, such as downloading a DMG, script, archive, or package payload.

Agent isolation

Constrain the tracer

The local trace agent runs through a sandboxed path so analysis has runtime scratch space without installer write access.

Readable output

Turn install scripts into reviewable steps.

Input

av trace 'curl https://example.com/install.sh | sh'

Output

Concise numbered steps such as downloading and mounting a DMG, installing into /Applications, or writing a launcher under ~/.local/bin.

Automation

Use --json when another tool needs the traced command, selected agent, operation type, path, and related network URL.

Agent setup risk

Installer one-liners are package decisions in disguise.

AI agents often reach for install scripts when a tool is missing. The command looks small, but the script behind it can create directories, change permissions, add launch services, download binaries, and write shell startup files. av trace gives that hidden behavior a review step.
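To make the hidden behavior concrete, here is an added Python sketch of a static pass over installer text. It is not Automic Vault's code: av trace asks a local agent for the summary, while this uses a small hand-written rule table. The sample script, the rule table, and the names classify and trace are constructed for illustration.

```python
import re
import shlex
from itertools import groupby

# Constructed sample installer (not taken from any real project).
SAMPLE = '''mkdir -p "$HOME/.local/bin"
curl -fsSL https://example.com/tool -o /tmp/tool
install -m 755 /tmp/tool "$HOME/.local/bin/tool" && chmod +x "$HOME/.local/bin/tool"
echo 'export PATH="$HOME/.local/bin:$PATH"' >> "$HOME/.zshrc"
sudo cp tool.plist /Library/LaunchDaemons/com.example.tool.plist
rm -f /tmp/tool
'''

# Assumed rule table for this sketch: command name -> operation type.
OPS = {"mkdir": "write", "cp": "write", "install": "write", "mv": "move",
       "rm": "delete", "chmod": "chmod", "curl": "download"}
SEPARATORS = {"&&", "||", ";", "|"}
REDIRECTS = (">", ">>")

def classify(cmd):
    """Map one simple command to (operation, path, url) tuples; spaced redirects only."""
    found = [("write", cmd[i + 1], None) for i, t in enumerate(cmd[:-1])
             if t in REDIRECTS and cmd[i + 1] != "/dev/null"]
    cut = next((i for i, t in enumerate(cmd) if t in REDIRECTS), len(cmd))
    cmd = cmd[1:cut] if cmd[:1] == ["sudo"] else cmd[:cut]
    if not cmd or cmd[0] not in OPS:
        return found
    op = OPS[cmd[0]]
    url = next((t for t in cmd if re.match(r"https?://", t)), None)
    if op == "download":  # only -o/--output names a file on disk
        path = next((cmd[i + 1] for i, t in enumerate(cmd[:-1])
                     if t in ("-o", "--output")), None)
    else:  # heuristic: the last non-flag argument is the target
        path = next((t for t in reversed(cmd[1:]) if not t.startswith("-")), None)
    op = "service" if path and re.search(r"Launch(Agents|Daemons)|/systemd/", path) else op
    return found + [(op, path, url)]

def trace(script):
    """Statically list likely file changes; the script text is never executed."""
    steps = []
    for line in script.splitlines():
        try:
            tokens = shlex.split(line, comments=True)
        except ValueError:  # unbalanced quotes: flag the line for manual review
            steps.append(("unparsed", line.strip(), None))
            continue
        for is_sep, group in groupby(tokens, key=SEPARATORS.__contains__):
            if not is_sep:
                steps.extend(classify(list(group)))
    return steps
```

trace(SAMPLE) returns seven steps in script order, including the shell startup file write and the launch service file. A line that cannot be tokenized is returned as "unparsed" instead of being skipped, so it still reaches the reviewer.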

Preflight

Review before execution

Trace a one-liner before the agent runs it, especially when the script comes from a project README, issue thread, or package website.

Scope

Focus on file changes

The output deliberately emphasizes writes, deletes, moves, chmods, installers, services, and generated executables rather than every shell detail.

Boundary

Pair with approvals

After tracing, run risky tool execution through Automic Vault approval gates so the final write or privileged action is still visible.

Evidence

Keep output readable

Use normal text for human review or JSON when another local tool needs structured trace results.

FAQ

av trace questions.

The goal is not to ban installer scripts. The goal is to make hidden install behavior visible before an agent turns a one-liner into local machine state.

Execution

av trace does not run the installer. It inspects installer content and summarizes likely file-changing behavior.

Reports

It reports consequential actions such as downloads, writes, deletes, moves, chmods, package installs, service files, and generated executables.

Provenance

This guide is maintained with the public Automic Vault source, security notes, and issue tracker by Max Howell, creator of Homebrew.

Related protections

Trace first. Then control execution.