Sprout
Install-fixer CLI for developer tools — macOS, Linux & Windows
Sprout diagnoses and fixes local install/config/PATH problems for developer tools. You tell it what you want installed (or paste a broken install attempt); it detects what this machine actually has, proposes a plain-English plan, runs it step by step with your confirmation, and proves the result with a real verification command — instead of assuming a generic script works everywhere.
It is deliberately not a general coding agent. Its entire world is package managers, PATH, and shell rc files. It won't write your code, review your PRs, or answer unrelated questions — and it orchestrates existing package managers (brew, apt, dnf, winget, choco, scoop, npm, pip, …) rather than reimplementing them.
Platforms: macOS, Linux, and Windows (PowerShell + winget/choco/scoop).
Get started · Community · Contributing · Issues
Install
npm install -g sprout-install
Then verify:
sprout --version
If npm registry access is blocked, use the release tarball fallback instead:
npm install -g https://github.com/murderszn/sprout/releases/download/v0.3.0/sprout-install-0.3.0.tgz
Do not install from the GitHub Pages site URL (murderszn.github.io/sprout) — that serves the website, not the npm package.
Other install options:
npm install -g git+https://github.com/murderszn/sprout.git
# Windows local checkout example:
npm install -g C:\path\to\sprout
From a checkout:
npm install && npm run build && npm link
Setup — Pollinations (BYOP or bring your own key)
Inference goes to Pollinations via its OpenAI-compatible API. Sprout never proxies or phones home with your key — it stays in your env or ~/.sprout/config.json (chmod 600).
Recommended: sprout login (Bring Your Own Pollen)
Authorize Sprout to spend your Pollen balance via Pollinations BYOP:
sprout login
Opens enter.pollinations.ai, you approve access in the browser, and Sprout stores a scoped sk_... key locally. On first run of any command, Sprout offers this flow before asking you to paste a key.
Alternative: paste your own sk_... key
- Get a secret key at https://enter.pollinations.ai.
- Run
sprout config --set-key, or exportSPROUT_API_KEY.
Key resolution order: SPROUT_API_KEY env var → ~/.sprout/config.json → sprout login / interactive prompt. Keys are only ever shown masked (sk_a****xyz).
Default model: gpt-5.4-mini (override per-run with --model, or persistently with sprout config --model <id>).
Usage
sprout install gh # main flow: detect → plan → confirm each step → verify
sprout install claude # agentic coding CLIs: Claude Code, Codex, Gemini, OpenCode, etc.
sprout install ripgrep
sprout --dry-run install node # exact command list, zero side effects
sprout --yes install jq # skip per-step [y/N] prompts (hard guardrails still block)
sprout diagnose < broken.log # pipe a failed install attempt, get a diagnosis + fix plan
brew install foo 2>&1 | sprout diagnose --tool foo
sprout diagnose # interactive: paste the log, end with Ctrl-D
sprout login # authorize with Pollen (BYOP device flow)
sprout config # show masked key + model + config path
sprout config --set-key # store a pasted sk_ key (input hidden)
sprout config --clear-key
sprout config --model gpt-5.4
sprout status # confirm the key works and the model is awake
sprout env # print the environment snapshot the agent sees
Seeded knowledge base (curated per-OS install + verify recipes): Claude Code, OpenAI Codex CLI, Google Antigravity CLI, MiMo Code (also catches "Memo Code"), OpenCode, Gemini CLI, Qwen Code, Sourcegraph Amp, git, node (nvm), python (pyenv), docker, GitHub CLI (gh), GitLab CLI (glab), AWS CLI, kubectl, Homebrew, jq, ripgrep, terraform, Supabase CLI, Databricks CLI, Blender, Go, Rust (rustup), FFmpeg, SQLite3, Poetry, Pandoc. Anything else works too — the model reasons it out live and tells you it's doing so rather than pretending it came from the curated data.
How a run works
- Detect — OS/version, shell + rc file (PowerShell profile on Windows), architecture, which package managers exist, PATH entries. One typed snapshot; everything downstream uses it.
- Plan — the model states a short plain-English plan before any tool call.
- Confirm/execute — each step shows the exact command (an argv array, executed with no shell) and the model's reason. Anything touching sudo, a system package manager, or an rc file asks
[y/N]— default No. Results feed back to the model so it adapts to reality ("already installed", "permission denied") instead of replaying a script. - Verify — after the plan, Sprout runs the tool's verify command itself and shows the real output. "Done" means the verify passed, not that the model said so.
Safety
- No
curl | bash, ever. Remote scripts are downloaded to a file, shown to you, and only run after you confirm the script itself. - Hard-blocked patterns — recursive deletes outside temp space, disk formatting, raw device writes,
/etc/passwd-class files, fork bombs, power control — are refused before a confirmation prompt is even shown, and--yesdoes not override them. - sudo is exceptional: only when a step genuinely requires it, with the reason surfaced before the prompt.
- rc-file edits always show the new content, always confirm (even under
--yes), and back up the previous version next to the file. --dry-runproduces the exact command list with zero side effects.- Commands run as argv arrays via execa — no string interpolation, no shell expansion.
Community
Questions, broken install logs, and knowledge-base ideas belong in Discord (invite link in COMMUNITY.md) or GitHub Issues.
- COMMUNITY.md — Discord setup, channels, branding assets
- CONTRIBUTING.md — add install recipes
- CODE_OF_CONDUCT.md
- SECURITY.md
Development
npm run dev -- install jq # run from source (tsx)
npm test # node:test suite (guardrails, knowledge base, agent loop with a scripted fake model)
npm run build
Copy env.example to .env for local development; dotenv picks it up.
To add a tool to the knowledge base, see CONTRIBUTING.md.
Built by murderszn · MIT · Powered by Pollinations