Document safe-chain-verify

README.md

@@ -67,6 +67,25 @@ iex "& { $(iwr 'https://raw.githubusercontent.com/AikidoSec/safe-chain/main/inst
 
 2. **Verify the installation** by running one of the following commands:
 
+   **Quick verification** (recommended):
+
+   For JavaScript/Node.js package managers:
+
+   ```shell
+   npm safe-chain-verify
+   ```
+
+   For Python package managers (if you enabled Python support):
+
+   ```shell
+   pip3 safe-chain-verify
+   ```
+
+   - This command quickly confirms that Safe Chain is intercepting package manager commands. You should see the output: `Safe-chain: Ok`
+   - You can use this with any supported package manager: `npx safe-chain-verify`, `yarn safe-chain-verify`, `pnpm safe-chain-verify`, `bun safe-chain-verify`, etc.
+
+   **Full verification with malware test**:
+
    For JavaScript/Node.js:
 
    ```shell

docs/shell-integration.md

@@ -85,7 +85,28 @@ This means the shell functions are working but the Aikido commands aren't instal
 
 To verify the integration is working, follow these steps:
 
-1. **Check if startup scripts were sourced in your shell startup file:**
+1. **Quick verification using the built-in test command (recommended):**
+
+   After restarting your terminal, run the verification command:
+
+   ```bash
+   npm safe-chain-verify
+   ```
+
+   You should see the output: `Safe-chain: Ok`
+
+   This confirms that Safe Chain is successfully intercepting package manager commands. You can use this command with any supported package manager:
+
+   - `npm safe-chain-verify`
+   - `yarn safe-chain-verify`
+   - `pnpm safe-chain-verify`
+   - `bun safe-chain-verify`
+   - `pip safe-chain-verify` (if Python support is enabled)
+   - `pip3 safe-chain-verify` (if Python support is enabled)
+
+   If you don't see this output, Safe Chain is not intercepting commands correctly - proceed to the steps below.
+
+2. **Check if startup scripts were sourced in your shell startup file:**
 
    - **For Bash**: Open `~/.bashrc` in your text editor
    - **For Zsh**: Open `~/.zshrc` in your text editor
@@ -94,16 +115,16 @@ To verify the integration is working, follow these steps:
 
    Look for lines that source the Safe Chain startup scripts from `~/.safe-chain/scripts/`
 
-2. **Test that shell functions are active in your terminal:**
+3. **Test that shell functions are active in your terminal:**
 
    After restarting your terminal, run these commands:
 
    - `npm --version` - Should show output from the Aikido-wrapped version
    - `type npm` - Should show that `npm` is a function
 
-3. **If you need to remove the integration manually:**
+4. **If you need to remove the integration manually:**
 
-   Edit the same startup file from step 1 and delete any lines that source Safe Chain scripts from `~/.safe-chain/scripts/`.
+   Edit the same startup file from step 2 and delete any lines that source Safe Chain scripts from `~/.safe-chain/scripts/`.
 
 ## Manual Setup
 

packages/safe-chain/src/main.js

@@ -38,6 +38,9 @@ export async function main(args) {
     // This parses all the --safe-chain arguments and removes them from the args array
     args = initializeCliArguments(args);
 
+    // Handle verification command to test if safe-chain is intercepting package manager commands
+    // Users can run: npm safe-chain-verify, yarn safe-chain-verify, pip safe-chain-verify, etc.
+    // This confirms the shell integration is working correctly without performing any package operations
     if (args[0] === "safe-chain-verify") {
       ui.writeInformation("Safe-chain: Ok");
       return 0;