dotset trap
Inject a Deadfall honeypot trap into a file. This is a convenience wrapper around thedeadfall trap command.
Usage
Arguments
| Argument | Description |
|---|---|
type | Trap type (see below) |
path | Path to the file to create/inject |
Options
| Option | Description |
|---|---|
--install | Auto-install Deadfall if missing |
Trap Types
| Type | Description | Target |
|---|---|---|
cursor-rules | Cursor AI rules file | Cursor |
claude-context | Claude context file | Claude Code |
copilot-instructions | GitHub Copilot instructions | GitHub Copilot |
mcp-config | MCP configuration honeypot | MCP clients |
context | Generic context file | Any AI assistant |
code | Source code with hidden trap | Code readers |
env | Environment file honeypot | Config readers |
Examples
How Traps Work
Honeypot traps exploit AI assistants’ instruction-following behavior:- Trap file is created — Contains hidden instructions for AI assistants
- AI reads the file — When exploring the codebase or following user requests
- AI follows instructions — Calls a special “verification” tool
- Alert triggered — Deadfall detects the tool call and alerts you
Example Trap Content
A.cursorrules trap might contain:
Running the Alert Server
After creating traps, start the Deadfall server to receive alerts:Alert Example
When a trap triggers:Exit Codes
| Code | Meaning |
|---|---|
0 | Trap created successfully |
1 | Error (Deadfall not installed, invalid type, etc.) |
See Also
- Deadfall CLI — Full Deadfall documentation
- Detection Concepts — How detection works
- dotset run — Run with Deadfall server automatically