Quick Start
Install ArmorClaude and see it enforce tool calls in under 2 minutes
Quick Start
Get ArmorClaude running in under 2 minutes. An ArmorIQ account is required to authenticate the plugin.
Prerequisites
- Claude Code 2.x or Claude Desktop
curl(preinstalled on every macOS + Linux)- macOS, Linux, or Windows with WSL or any bash-compatible shell (Git Bash works; Git itself is not required)
Install
curl -fsSL https://armoriq.ai/install_armorclaude.sh | bashcurl -fsSL https://armoriq.ai/install_armorclaude.sh | bashRun from WSL or Git Bash, not PowerShell/CMD.
The installer handles everything: adds the marketplace, installs the plugin, installs the ArmorIQ CLI, and optionally connects your ArmorIQ account.
When prompted "Connect your ArmorIQ account now?" press Y to authenticate via browser. Declining the prompt aborts the install. You can re-run the installer or armoriq login anytime to connect.
Manual install (without the curl script):
claude plugin marketplace add armoriq/armorClaude
claude plugin install armorclaude@armoriqVerify Installation
After the installer finishes, verify everything is set up:
claude plugin listYou should see:
Installed plugins:
armorclaude@armoriq
Version: 0.2.4
Scope: user
Status: enabledIf you connected your ArmorIQ account during install, verify the login:
armoriq whoamiYou should see:
ArmorIQ Credentials
Email: you@company.com
API Key: ak_live_xxxxxxxx...
User ID: ...
Org ID: ...
File: ~/.armoriq/credentials.jsonIf you skipped the login, you can connect anytime:
armoriq loginThis opens your browser. Sign in with Google or GitHub, click Authorize, and the key is saved automatically. ArmorClaude picks it up on the next Claude session.
Try It
Open Claude Code in any project:
mkdir -p /tmp/demo && cd /tmp/demo
echo "# My Project" > README.md
claudePrompt:
Read README.md and tell me what's in it.What happens:
- Claude calls
register_intent_plandeclaring it will useRead - ArmorClaude stores the plan
- Claude calls
Read. ArmorClaude checks it against the plan and allows it - Claude returns the file contents
You will see in the transcript:
register_intent_plan: Intent registered: 1 steps.
Read 1 fileBlock Something
Set a policy rule using the /armor command:
/armor policy add deny WebFetchArmorClaude stages the change and shows a diff. Confirm it:
/armor yesNow try:
Fetch https://example.comResult:
ArmorClaude policy deny: stmt_1The tool call is blocked before execution. Claude sees the denial and tells the user.
To remove the rule:
/armor policy remove stmt_1
/armor yesWhat You Just Saw
| Feature | What happened |
|---|---|
| Intent plan | Claude declared Read before using it |
| Plan enforcement | Read was in the plan, so it was allowed |
| Policy rule | deny WebFetch blocked the fetch call |
| Policy management | Rules created and deleted from the chat prompt |
Next Steps
- Policy Rules - rule effects, data classification, policy IR format
- Command Reference - complete
/armorcommand list - MCP Tools - intent registration, policy read, trust operations
- Policy Profiles - save, switch, and share policies
- Plan Mode - use with Claude's built-in plan mode
- Configuration - API key, environment variables, plugin settings
- Concepts - how intent enforcement works under the hood