Getting Started

Five minutes from install to your first signed EU AI Act Article 12 audit report.

What you'll have at the end: A working SteelSpine install, your first agent run captured and replayable, and a tamper-evident HTML audit report your auditor or compliance team can independently verify.

Before you start

You'll need:

The five-minute walkthrough

1. Install

Download the bundle and extract it:

curl -O https://steelspine.ai/download/steelspine_bundle_20260514T000937.tgz
tar -xzf steelspine_bundle_*.tgz -C ~/
bash ~/.prime/setup.sh
source ~/.bashrc

The download is ~10MB. Setup creates ~/.prime/, makes the binaries executable, adds a PATH entry to ~/.bashrc, generates your signing key, and runs a smoke test. It takes about five seconds.

The bundle is public but inert without a valid license key — activation in step 2 is what makes it work.
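
Because the bundle is unpacked straight into your home directory and setup.sh is then executed, it is worth listing the archive before extracting it. The following is an added example, not part of SteelSpine or its documentation; the function names are hypothetical, and it assumes every archive member lives under .prime/ (inferred from the setup path above, not confirmed by the vendor).

```shell
# Added example: pre-flight checks on the bundle before `tar -xzf ... -C ~/`.
# Assumption: a legitimate bundle contains only paths under .prime/.

# Print every member that would land outside ~/.prime/ (for example a
# top-level .bashrc or .ssh/ entry) or that contains a ".." component.
bundle_outside_prime() {
    tar -tzf "$1" | awk '
        { p = $0; sub(/^\.\//, "", p) }               # normalise a leading "./"
        p == "" || p == ".prime" || p == ".prime/" { next }
        p !~ /^\.prime\// || p ~ /\/\.\.\// || p ~ /\/\.\.$/ { print }
    '
}

# Print symlink and hard-link members; a link can redirect a later write
# to a file outside .prime/. Relies on the ls-style listing of `tar -tv`.
bundle_links() {
    tar -tvzf "$1" | awk '$1 ~ /^[lh]/'
}

# Exit status 0: archive is readable and nothing escapes .prime/.
# Exit status 1: at least one member escapes. Exit status 2: unreadable archive.
bundle_is_contained() {
    tar -tzf "$1" >/dev/null 2>&1 || return 2
    [ -z "$(bundle_outside_prime "$1")" ]
}

# Typical use before the extract step:
#   bundle_is_contained steelspine_bundle_*.tgz && echo "only .prime/ paths"
#   bundle_links steelspine_bundle_*.tgz          # review any output by hand
#   tar -xzOf steelspine_bundle_*.tgz .prime/setup.sh | less   # read before running
```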

Verify:

steelspine --version     # SteelSpine 1.0.0
steelspine status        # quick health check

2. Activate your license

Use the license key from your purchase email:

steelspine license activate YOUR-KEY-HERE

This calls Lemon Squeezy's licensing API, registers your machine, and caches the validation locally. Re-validation happens automatically every 24 hours; offline grace is 7 days.

Confirm:

steelspine license status

3. Capture your first run

Pick any command. Wrap it with steelspine run:

steelspine run python3 -c "print('hello'); print('world')"

You'll see your original output stream live, plus a run_id (e.g. run_0001) and a plain-English verdict. That's the whole API. No SDK import. No code changes. Works with any binary in any language.

4. Run again — auto-compare fires

Run the same command. SteelSpine auto-compares to the previous run:

steelspine run python3 -c "print('hello'); print('world')"
# → "Both runs succeeded with identical output."

Now change the command. Comparison fires again:

steelspine run python3 -c "print('hello'); raise SystemExit(1)"
# → "Run B FAILED where A SUCCEEDED. First divergence: line 2."

This is the moment that sells the product. Whatever your agent does — LLM call, tool use, decision — when it diverges from a known-good run, SteelSpine tells you exactly where.

5. Generate your EU AI Act Article 12 audit

One command produces a self-contained, cryptographically sealed HTML report:

steelspine verify-run --compliance-html > audit.html

Open audit.html in any browser. It's a single file your auditor can open, with HMAC-SHA256 chain integrity, Ed25519 seals, compliance tags (EU AI Act Art.12, ISO 42001, NIST AI RMF, AIUC-1), event timeline, and a pass/fail verdict.

For plain-text:

steelspine verify-run > audit.txt

Where to go next

If you want to…                       | Run
See all 30+ commands                  | steelspine help
Get detailed help on one command      | steelspine help <command>
Open the browser dashboard            | steelspine ui
Diagnose a failed run                 | steelspine diagnose <run_id>
Score runs in CI                      | steelspine eval --last 10 --min-pass-rate 0.9
Replay a captured run offline         | steelspine replay-run <run_id>
Wire up an LLM agent for memory       | steelspine setup
Group runs across multiple terminals  | steelspine run --session NAME ...
List runs in a specific session       | steelspine run list --session NAME

Working across multiple terminals

Each invocation of steelspine run creates a unique run_id tied to that subprocess. Two terminals running captures simultaneously each get distinct run_ids and don't collide. To group runs that belong to the same logical experiment or session, use the --session flag:

# In terminal 1
steelspine run --session experiment-3 python3 agent_v1.py

# In terminal 2
steelspine run --session experiment-3 python3 agent_v2.py

Or set the env var once and tag every subsequent run in that terminal automatically:

export STEELSPINE_SESSION=experiment-3
steelspine run python3 agent.py     # tagged automatically
steelspine run python3 agent.py     # tagged automatically

Then filter listings to that session:

steelspine run list --session experiment-3

Storage management

Captured runs accumulate over time. SteelSpine watches storage automatically:

When the warning fires, there are two ways to free space without losing context:

steelspine storage auto      # promote entities + prune old runs (non-interactive)
steelspine storage           # interactive wizard (5 options including USB archive)

Continuity protection: any pruning step automatically promotes ALL entity snapshots to the permanent entities/ store before removing data. Memory-agent continuity survives every storage operation.

Common gotchas

steelspine: command not found after install

Setup added PATH to ~/.bashrc but your current shell hasn't reloaded. Either run source ~/.bashrc or open a new terminal.

"Permission denied" running any command

bin/ scripts lost their executable bit. Run chmod +x ~/.prime/bin/* or just re-run bash ~/.prime/setup.sh.

Output is missing or buffered when piping

Python and some tools buffer stdout when stdout isn't a TTY. Force unbuffered:

steelspine run python3 -u my_agent.py
# or
steelspine run stdbuf -o0 my_command

verify-run shows TAMPERED unexpectedly

Some other process modified files in ~/.prime/runs/ or ~/.prime/sidecar/. Check the timestamps. If you didn't touch them, see TROUBLESHOOTING for the full integrity-debugging flow.
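
One way to do the timestamp check, as an added example that is not part of SteelSpine: list the files under runs/ and sidecar/ that changed after a reference file was last written. The function name and the choice of reference file are assumptions, and it relies on `stat -c` as provided by GNU coreutils or BusyBox.

```shell
# Added example (not SteelSpine code).
# $1 = reference file whose mtime marks the last known-good state,
#      e.g. an audit.html generated while verify-run still passed.
# $2 = SteelSpine directory (defaults to ~/.prime, the path used on this page).
prime_changed_since() (
    ref_time=$(stat -c %Y "$1") || exit 2
    root=${2:-$HOME/.prime}
    for d in "$root/runs" "$root/sidecar"; do
        [ -d "$d" ] && find "$d" -type f -exec stat -c '%Y %Z %n' {} +
    done | awk -v ref="$ref_time" '
        { m = $1; c = $2; sub(/^[0-9]+ [0-9]+ /, "") }   # keep only the path
        m > ref { print "CONTENT   " $0; next }   # data written after reference
        c > ref { print "METADATA  " $0 }         # inode changed but mtime is older:
                                                  # chmod, rename, or a reset mtime
    ' | sort
)

# Typical use:
#   prime_changed_since audit.html
```

Runs captured after the reference file was written show up as CONTENT legitimately; the lines to look at are METADATA entries and CONTENT entries for runs that were already sealed.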

Integration examples

Real working examples are in the ~/.prime/examples/ directory after install:

For compliance officers and auditors

The output of steelspine verify-run --compliance-html is the deliverable for EU AI Act Article 12 record-keeping requirements. The full clause-by-clause mapping (Article 12 + ISO/IEC 42001 + NIST AI RMF) is in docs/COMPLIANCE.md.

For multi-user deployments where the signing key should be held by the compliance officer (not the AI developer):

export STEELSPINE_ORG_KEY=/path/managed/by/compliance/signing.key

Managing your subscription

Viewing your subscription, changing your payment method, and cancelling all happen in your Lemon Squeezy customer portal:

steelspine.lemonsqueezy.com/billing

Enter the email address you used at purchase. Lemon Squeezy will send a magic link to that inbox — click it to log in. From there: cancel anytime, change card on file, download invoices.

Cancel mid-trial (within 14 days): no charge at all; your access stops at the end of the cycle's next validation check (typically within 24 hours, max 7 days if you're offline).

Cancel after first charge: your subscription stays active through the end of the billing period you already paid for, then expires.

A note on the "Never expires" label. When you log into the Lemon Squeezy portal you'll see your license key marked as "Never expires." That refers to the key string itself — it doesn't have a fixed expiration date attached. Your actual access to SteelSpine is gated by your subscription state. Cancel your subscription and the license key is auto-disabled at the next validation; the CLI then stops working, by design.

Refund policy: full refund within the trial. Pro-rated refund after first charge if you cancel within 7 days of a billing cycle. See refund policy for the full terms.

Help

Stuck? Three places to look, in order:

  1. steelspine doctor --fix — auto-detects and repairs most common issues
  2. docs/TROUBLESHOOTING.md — 25+ symptoms with real fixes
  3. Email hello@steelspine.ai with your steelspine doctor --json output and the relevant log file