CLI Reference

Full documentation for the treeship command-line tool.

Installation

npm install -g treeship-cli

Configuration

Environment Variables

export TREESHIP_API_KEY=your-api-key      # Required for attest
export TREESHIP_AGENT=my-agent            # Default agent slug
export TREESHIP_API_URL=https://api.treeship.dev  # API endpoint

Config File

treeship config set api-key your-api-key
treeship config set default-agent my-agent
treeship config list

Commands

treeship attest

Create a cryptographic attestation.

treeship attest --action "Description" --inputs-hash "sha256..."

Options:

Option	Description	Required
`--action <text>`	Description of the action	Yes
`--inputs-hash <hash>`	SHA256 hash of inputs	Yes
`--agent <slug>`	Agent slug (or use TREESHIP_AGENT)	No
`--public`	Make attestation public (default)	No
`--private`	Make attestation private	No
`--zk`	Enable ZK proof for privacy	No
`--tools <tools...>`	Tools used in this action	No
`--human-approved`	Mark as human-approved	No
`--approver <hash>`	Hash of approver identity	No
`--json`	Output as JSON	No
`--quiet`	Output only the verification URL	No

Examples:

# Basic attestation
treeship attest \
  --action "Processed order #123" \
  --inputs-hash "abc123..."

# With tool verification
treeship attest \
  --agent my-agent \
  --action "Sent report via email" \
  --inputs-hash "def456..." \
  --tools read_file send_email

# With human approval
treeship attest \
  --action "Released payment of $10,000" \
  --inputs-hash "ghi789..." \
  --human-approved \
  --approver "sha256-of-manager-email"

# Private attestation
treeship attest \
  --action "Internal audit completed" \
  --inputs-hash "jkl012..." \
  --private

# JSON output for scripts
treeship attest \
  --action "..." \
  --inputs-hash "..." \
  --json

treeship verify

Verify an attestation by ID.

treeship verify <attestation-id>

Options:

Option	Description
`--json`	Output as JSON
`--quiet`	Output only “valid” or “invalid”

Examples:

# Standard verification
treeship verify abc123-def456-ghi789

# JSON output
treeship verify abc123-def456-ghi789 --json

# Script-friendly (exits 0 if valid, 1 if invalid)
treeship verify abc123-def456-ghi789 --quiet

treeship whoami

Show current configuration.

treeship whoami

Output:

Treeship CLI

  API URL   https://api.treeship.dev
  API Key   set
  Agent     my-agent

  Feed      https://treeship.dev/verify/my-agent

treeship identity

Manage agent identity and verification.

identity register

treeship identity register --agent my-agent --code-hash "sha256..." --model-id "gpt-4-turbo"

Options:

Option	Description	Required
`--agent <slug>`	Agent slug	Yes
`--name <name>`	Human-readable name	No
`--description <text>`	Agent description	No
`--code-hash <hash>`	SHA256 of agent code	No
`--model-id <id>`	AI model identifier	No
`--domain <domain>`	Domain to verify	No
`--public-key <file>`	Path to Ed25519 public key	No
`--json`	Output as JSON	No

identity info

Get agent identity information.

treeship identity info --agent my-agent

Output:

Agent: my-agent
  Name           My AI Agent
  Identity Score 75/100
  Code Hash      e3b0c442...
  Model          gpt-4-turbo
  Domain         ✓ agent.example.com

  Verified Proofs:
    ✓ domain: agent.example.com

  Authorized Tools:
    • read_file
    • send_email
    • search_web

identity set-tools

Set authorized tools for an agent.

treeship identity set-tools --agent my-agent --tools read_file send_email search_web

identity verify-tools

Verify tools are authorized.

treeship identity verify-tools --agent my-agent --tools read_file delete_database

Output:

✗ Unauthorized tools detected

  Authorized:
    ✓ read_file
  Unauthorized:
    ✗ delete_database

treeship config

Manage CLI configuration.

treeship config set <key> <value>
treeship config get <key>
treeship config list
treeship config reset

Keys:

Key	Description
`api-key`	API key for authentication
`api-url`	API base URL
`default-agent`	Default agent slug

Exit Codes

Code	Meaning
0	Success
1	Error or verification failed

Scripting Examples

# Create attestation and capture URL
URL=$(treeship attest --action "Deploy" --inputs-hash "..." --quiet)
echo "Attestation: $URL"

# Verify in CI/CD
if treeship verify $ATTESTATION_ID --quiet; then
  echo "Verified!"
else
  echo "Verification failed!"
  exit 1
fi

# Process JSON output
treeship attest --action "..." --inputs-hash "..." --json | jq '.attestation_id'

​CLI Reference

​Installation

​Configuration

​Environment Variables

​Config File

​Commands

​treeship attest

​treeship verify

​treeship whoami

​treeship identity

​identity register

​identity info

​identity set-tools

​identity verify-tools

​treeship config

​Exit Codes

​Scripting Examples

CLI Reference

Installation

Configuration

Environment Variables

Config File

Commands

treeship attest

treeship verify

treeship whoami

treeship identity

identity register

identity info

identity set-tools

identity verify-tools

treeship config

Exit Codes

Scripting Examples