The invariance CLI is the fastest way for agents and humans to emit trace nodes, manage runs, and operate monitors from a terminal.
npm install -g @invariance/cliOr with pnpm:
pnpm add -g @invariance/cliVerify:
invariance versionThe browser flow is the recommended setup. It opens the dashboard, you approve the device, and the CLI stores the returned key in ~/.invariance/config.json.
invariance login --browser
# Or with a specific profile
invariance login --browser --profile staginginvariance login --api-key inv_live_...
# Or via environment
export INVARIANCE_API_KEY=inv_live_...invariance auth whoami
invariance logoutConfiguration is resolved from (highest priority first):
INVARIANCE_API_KEY, INVARIANCE_BASE_URL~/.invariance/config.json--profile <name>)invariance config get baseUrl
invariance config set baseUrl https://api.useinvariance.com
# Full setup check
invariance doctorSee the Configuration page for every supported key.
A run is a container for the trace nodes produced by a single agent task.
# Start a run and capture its id
RUN_ID=$(invariance run start --name "refactor auth" --json | jq -r .id)
# Update status: open | completed | failed
invariance run update "$RUN_ID" --status completed
invariance run cancel "$RUN_ID" --reason "superseded"
# Fork from an existing node
invariance run fork "$RUN_ID" --from-node <node_id>invariance run list --limit 20
invariance run get "$RUN_ID"
invariance run metrics "$RUN_ID"
invariance run verify "$RUN_ID" # verify proof chain
invariance run narrative "$RUN_ID" # LLM-generated summary
invariance run llm-calls "$RUN_ID"
invariance run nodes "$RUN_ID"Write one node per meaningful unit of work — a tool call, an LLM call, a decision.
invariance node write "$RUN_ID" \
--action-type tool_call \
--input '{"pattern":"verifyToken"}' \
--output '{"matches":7}'
# Batch: one JSONL node per line, up to 100 per call
invariance node write "$RUN_ID" --file ./nodes.jsonlinvariance node list "$RUN_ID" --limit 50
invariance node tail "$RUN_ID" --interval 2000Rules that watch runs and emit signals when conditions match.
invariance monitor list
invariance monitor get <monitor-id>
invariance monitor create --spec '{"name":"PII Check","rule":"Agent must not output SSNs"}'
invariance monitor update <monitor-id> --patch '{"name":"PII Check v2"}'
invariance monitor pause <monitor-id>
invariance monitor resume <monitor-id>invariance monitor evaluate <monitor-id>
invariance monitor executions <monitor-id>
invariance monitor findings <monitor-id>Alerts raised by monitors or emitted directly.
invariance signal list
invariance signal get <signal-id>
invariance signal emit --severity high --title "Prompt drift detected" --message "Root cause under review"
invariance signal ack <signal-id>
invariance signal resolve <signal-id>Investigation records attached to a monitor execution.
invariance finding list
invariance finding get <finding-id>
invariance finding update <finding-id> --status resolvedHuman-in-the-loop queue for findings that need judgment.
invariance review list
invariance review get <review-id>
invariance review claim <review-id>
invariance review unclaim <review-id>
invariance review resolve <review-id> --decision passed --notes "looks fine"invariance agent me
invariance agent set-key --public-key <ed25519-public-key-hex>invariance metrics overview
invariance metrics overview --window-hours 168invariance --help
invariance completions zsh
invariance doctor
invariance versionEvery command accepts --help; every data command accepts --json for machine-readable output.