Why Windows says install.ps1 is dangerous.
Short version: it isn't, and we'll tell you exactly why your machine thinks it is. Then we'll show you how to verify the script yourself — or skip it entirely.
1. What install.ps1 actually does
The whole file is 110 lines you can read in under a minute. In plain English:
- Calls Get-Command node to confirm Node.js ≥ 18 is installed. If not, prints install hints (winget, scoop, nodejs.org) and exits.
- Calls Get-Command npm to confirm npm exists.
- Runs npm install -g gnamiai.
- Calls Get-Command gnami to confirm the binary landed on PATH. If not, prints how to fix the npm prefix.
It does not:
- Touch the registry, scheduled tasks, or startup folders.
- Read or modify any file outside the npm global directory.
- Phone home, send telemetry, or download anything besides what npm pulls.
- Persist credentials. (You sign in after install with gnami login.)
2. Why Windows yells anyway
Three independent Windows protections look at PowerShell scripts — Defender (real-time AV), AMSI (Antimalware Scan Interface, body-level scanning), and SmartScreen (reputation). Our installer trips all three for structural reasons that have nothing to do with what it does:
iwr | iex is the canonical fileless-dropper shape
Real malware uses Invoke-WebRequest ... | Invoke-Expression to fetch and execute remote code without ever writing a file to disk. AMSI sees that pipe and flags it on principle, even when the URL points somewhere benign. That's why we no longer recommend the iwr | iex form on /cli; the download-then-run flow is two lines instead of one and avoids the heuristic entirely.
A new domain has zero SmartScreen reputation
SmartScreen rates downloads partly by how often other Windows
machines have safely run files from the same publisher.
gnamiai.live is new — there is no reputation yet,
so anything fetched from it lands marked as
untrusted publisher. This is normal for any indie
project; reputation builds over weeks-to-months as more users
install without flagging.
The script isn't code-signed
Windows trusts .ps1 files signed with an
Authenticode certificate from a known CA. Ours isn't signed
yet (a code-signing cert is on the roadmap). Without a
signature, the default
ExecutionPolicy on most Windows installs blocks
the script before it even runs — that error often gets
misread as "Windows said it's a virus".
ANSI escape sequences look like obfuscation
Lines like $Brand = [char]0x1B + "[1;38;5;141m"
in the script are just terminal color codes. Some heuristic
engines treat any character-arithmetic string-building as
possible obfuscation and weight that against the file. Same
outcome, different reason.
3. Verify it yourself before running
This is the right move regardless of what your AV says. Two minutes:
Step 1. Download without executing:
iwr https://gnamiai.live/install.ps1 -OutFile install.ps1
Step 2. Read it. It's 110 lines, all of it boring:
notepad install.ps1
# or
code install.ps1
Step 3. Compute its SHA-256 and compare to the value printed below the script at the top of /install.ps1 in your browser:
Get-FileHash install.ps1 -Algorithm SHA256
Step 4. Run it:
.\install.ps1
If your ExecutionPolicy blocks unsigned scripts,
you can scope-relax just for this shell session:
Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass
.\install.ps1
That Bypass only affects the current PowerShell
process. New windows still inherit your normal policy.
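If you want a second pass after reading the file, the sketch below is an added example, not part of the original page or the gnami project. It compares the SHA-256 against a value you supply and uses PowerShell's own parser to list every command the script invokes without executing any of it. The function name Test-DownloadedScript, the sample file and the stand-in hash are assumptions made for illustration.

```powershell
# Added example (not the project's code). Test-DownloadedScript is a hypothetical helper name.
function Test-DownloadedScript {
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string]$ExpectedHash   # value published alongside the script
    )
    $full   = (Resolve-Path -LiteralPath $Path).Path
    $actual = (Get-FileHash -LiteralPath $full -Algorithm SHA256).Hash

    # Parse the file into an AST. Nothing in the script is executed.
    $tokens = $null; $errors = $null
    $ast = [System.Management.Automation.Language.Parser]::ParseFile($full, [ref]$tokens, [ref]$errors)

    # Every command invocation, including those inside nested script blocks.
    $cmds  = $ast.FindAll({ param($n) $n -is [System.Management.Automation.Language.CommandAst] }, $true)
    $named = @($cmds | ForEach-Object { $_.GetCommandName() } | Where-Object { $_ } | Sort-Object -Unique)
    # GetCommandName() returns $null when the name is computed at run time (e.g. & $var).
    $dynamic = @($cmds | Where-Object { -not $_.GetCommandName() } | ForEach-Object { $_.Extent.Text })

    [pscustomobject]@{
        HashMatches  = ($actual -eq $ExpectedHash)   # string -eq ignores case
        ActualHash   = $actual
        Signature    = (Get-AuthenticodeSignature -LiteralPath $full).Status   # Windows only
        ParseErrors  = $errors.Count
        Commands     = $named
        DynamicCalls = $dynamic
    }
}

# Constructed sample standing in for a downloaded script (not the real install.ps1).
$sample = Join-Path ([IO.Path]::GetTempPath()) 'sample-install.ps1'
Set-Content -LiteralPath $sample -Value @'
if (-not (Get-Command node -ErrorAction SilentlyContinue)) { Write-Host "Install Node.js"; exit 1 }
npm install -g gnamiai
'@
# Stand-in for the published hash; in real use, paste the value from Step 3 instead.
$published = (Get-FileHash -LiteralPath $sample -Algorithm SHA256).Hash
Test-DownloadedScript -Path $sample -ExpectedHash $published | Format-List
```

Compare the Commands list against the four steps in section 1. Any entry in DynamicCalls, or a command that does not fit those steps, is worth reading closely before Step 4.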
4. Or skip the script entirely
The script is convenience, not necessity. Everything it does boils down to one command:
npm install -g gnamiai
That works on Windows, macOS, and Linux. No PowerShell, no AMSI, no SmartScreen prompt. Then sign in:
gnami login
If gnami isn't on your PATH after install, see /cli for the npm prefix fix.
5. About the CLI itself
Once installed, the gnami CLI does spawn shells
(cmd.exe /d /s /c <command> on Windows) and
read/write files in your working directory. That's the entire
point of the agent: it's a coding assistant. Some real-time AV
flags any npm-installed binary that does this — Claude Code,
Cursor's agent, aider, and most other agentic dev tools have
been flagged the same way.
If yours flags gnami after install:
- The source is open at github.com/gabrivardqc123/gnamiai — the relevant file is cli/src/tools.ts.
- Every write, edit, and bash invocation prompts you for approval (y / N) before running. Destructive patterns (rm -rf, sudo, curl | sh) always prompt, even with --yes.
- File ops are sandboxed to your current working directory unless you pass --no-sandbox.
- You can whitelist the npm global bin folder in Defender if you want the warnings to stop. Don't whitelist your whole user profile.
6. Reporting a false positive to Microsoft
If your machine flags install.ps1 or the
gnami binary as malware (not just a SmartScreen
warning — an actual quarantine), submit it to Microsoft's
Defender team:
microsoft.com/en-us/wdsi/filesubmission
Include the file, the detection name Defender showed you, and
a note that the source is at
github.com/gabrivardqc123/gnamiai. Microsoft
usually whitelists within ~24 hours. We'd appreciate a heads-up
at security@gnamiai.live
too so we can track which detection name fired.
7. What we're doing about it
- Promote npm-first install. Done — the CLI page and README now lead with npm install -g gnamiai.
- Drop the iwr | iex recommendation. Done. The PowerShell instructions now ask you to download first, read, then run.
- Code-sign install.ps1. Planned — getting an OV cert from a CA. Once signed, AMSI stops flagging body content and SmartScreen reputation builds against the cert, not just the domain.
- Publish a Winget manifest. Planned — winget install GnamiAI.CLI uses Microsoft's own reputation chain and bypasses the PowerShell heuristic entirely.
Still unsure?
Use npm install -g gnamiai. It's the same
outcome with none of the AV friction. The wrapper script
exists as a convenience, not a requirement.