intellimetrics Learning
Building Module 6 · CLI Tools Setup

Overview & Prerequisites

What you'll learn

~15 min
  • Verify that Node.js and npm are installed and working
  • Install Node.js using nvm if needed
  • Understand what API keys are and how to store them safely
  • Diagnose common proxy and certificate issues on restricted networks
Using a cloud sandbox?

You have two valid paths from here:

  1. Continue through Module 6 — Learn each CLI tool in detail. Every lesson includes a “Cloud Equivalent” callout showing the browser-based alternative. If you’re in Codespaces, you can install and use the tools directly inside your codespace.
  2. Jump to Module 7 — If you’re using Claude Code Web exclusively and don’t need other tools right now, go directly to Module 7: Git.

The domain track lessons (Modules 12-15) work in Codespaces — you don’t need a local install to complete them.

By the end of this lesson, you’ll have a working Node.js environment and understand how API keys work — the two things every CLI tool in this module depends on.

Pre-flight checklist

Before installing any CLI tools, verify these basics:

  1. Terminal works — You can open a terminal and see a prompt (Module 3)
  2. Node.js installed — Run node --version and see v18 or higher
  3. npm works — Run npm --version and see a version number
  4. Git installed — Run git --version and see a version number
  5. Text editor ready — VS Code installed and opens from terminal with code .

All green? You’re ready to install CLI tools. If any check fails, revisit the relevant module before continuing.

What you’re about to install

In the next four lessons, you’ll install and try each of the major LLM CLI tools:

ToolMakerAccessKey strength
Claude CodeAnthropicAPI key or Anthropic accountDeep codebase understanding, long context
Gemini CLIGoogleGoogle accountOpen source, generous usage tier, huge context
Codex CLIOpenAIAPI keyAutonomous task execution
GitHub Copilot CLIGitHub/MicrosoftGitHub account with CopilotIntegration with GitHub ecosystem

You don’t need to install all of them. But we recommend trying at least two — each has different strengths, and knowing multiple tools makes you a more flexible orchestrator.

🔍Think of it like a toolbox

A builder does not use just one tool. They pick the right tool for the job — a hammer for nails, a saw for cutting. LLM CLI tools work the same way. Claude Code is your precision chisel (careful, thoughtful work). Gemini CLI is your versatile drill (fast, handles big jobs). Codex CLI is your power sander (autonomous, covers a lot of ground). Copilot CLI is your tape measure (quick lookups and suggestions). You’ll develop preferences, but knowing all four makes you effective in any situation.

Why Linux?

If you’re on a Windows machine — especially in a Windows-centric organization — you might wonder why this course keeps pointing toward Linux and WSL. Fair question. Here’s the direct answer:

These tools were built for Linux first. Claude Code, Gemini CLI, and Codex CLI originated on Linux and macOS. Their plugin ecosystems, sandboxing features, and community tooling assume a Unix-like shell. Windows-native support has matured significantly in early 2026 (see the table below), but the ecosystem still leans Linux — docs are Linux-first, community answers assume bash, and most tutorials assume a Unix shell.

Industry at scale runs Linux. Netflix, Amazon, Google, every major cloud provider, most CI/CD pipelines, and the vast majority of production servers run Linux. The agentic CLI tools are built by and for people in that ecosystem. This is not niche — it is the mainstream of modern software infrastructure.

WSL is Microsoft’s own answer to this reality. Windows Subsystem for Linux is not a workaround or a hack. Microsoft built WSL2 because they recognized that developers need Linux tooling. It ships with Windows, runs a real Linux kernel, and integrates seamlessly with VS Code. Using WSL is not “leaving Windows” — it is using Windows the way Microsoft designed it for development work.

Learning Linux fundamentals is a career investment. Even if your day job is Windows-only today, the commands you learn here (bash, ssh, git, npm) transfer to cloud environments, CI/CD pipelines, Docker containers, and server administration. These are durable skills, not a detour.

Windows Native vs WSL

As of early 2026, some tools now offer Windows-native support. Here’s the current state:

ToolWindows NativeWSLRecommendation
Claude CodeFull support (PowerShell, CMD, Git Bash)Full supportEither works — WSL for consistency
Gemini CLIFull support (needs Node.js)Full supportEither works
Codex CLIDesktop app via Microsoft StoreFull CLI supportWSL for CLI, desktop app as alternative
Copilot CLIGA since Feb 2026 (gh extension)Full supportEither works

Our recommendation: use WSL. Not because Windows-native doesn’t work, but because WSL gives you a consistent environment across all four tools, matches the commands in every tutorial you’ll find online, and builds transferable Linux skills. If you already have WSL set up from Module 3, stay in it.

Windows-native is a viable fallback if WSL isn’t an option (corporate lockdown, IT policy, personal preference). Each tool lesson below notes the Windows-native path where applicable.

Prerequisites

In this course, we use Node.js Node.js A platform that runs JavaScript outside the browser. Learn more → -based install paths for all CLI tools, so Node.js is required for this module. Node.js is a platform that lets JavaScript run outside the browser — it powers the installer ( npm npm Node Package Manager — installs JavaScript tools and libraries. Learn more → ) that these CLI tools use.

Which shell should I be in?

Everything in this module assumes you’re in a bash or zsh shell — the default on macOS, Linux, and WSL. If you’re on Windows without WSL, the Windows-native paths noted in each lesson will work in PowerShell or Git Bash. If you don’t have WSL yet and want to set it up, complete Module 3 first, then return here. If you’re connected to a remote server via SSH or VS Code Remote, you’re already in a Linux shell. Not sure? Run echo $SHELL — it should show /bin/bash or /bin/zsh.

Preflight check

Before installing anything, let’s make sure your environment can reach the tools you need. Run each of these:

Terminal window
# Can you reach the npm registry?
curl -s https://registry.npmjs.org/ | head -c 100


# Do you have git?
git --version


# What shell are you in?
echo $SHELL

If curl is not installed, run sudo apt install curl (Linux/WSL) or brew install curl (macOS). If curl to the npm registry fails, you may be behind a corporate proxy or firewall — see the troubleshooting section at the bottom of this lesson.

Check if you already have Node.js

If you completed Module 3, you may already have Node.js installed. Let’s check:

Terminal window
node --version

If you see something like v20.11.0 or higher, you’re good — skip to the “API Keys” section below.

If you see “command not found” or a version below v18, install it using the method below. If you skipped Module 3, don’t worry — we’ll walk through it now.

nvm (Node Version Manager) is the best way to install Node.js because:

  • It doesn’t require sudo or admin rights
  • It installs Node in your home directory (no permission issues)
  • You can easily switch between Node versions later

This works on macOS, Linux, and WSL:

Terminal window
# Install nvm
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash


# Reload your shell config
# bash users:
source ~/.bashrc
# zsh users (macOS default):
source ~/.zshrc


# Install the latest LTS version of Node.js
nvm install --lts


# Verify
node --version
npm --version

Both should print version numbers. You’re ready.

💡If 'nvm' isn't found after install

Close your terminal completely and reopen it. The nvm install script adds itself to your shell config file (~/.bashrc or ~/.zshrc), but that only takes effect in new terminal sessions. If you’re in VS Code, open a new terminal panel.

Alternative: Direct install (if nvm doesn’t work)

If you can’t use nvm (corporate restrictions, etc.):

macOS with Homebrew:

Terminal window
brew install node

Ubuntu/Debian (WSL or server):

Terminal window
sudo apt update && sudo apt install -y nodejs npm
node --version

After installing, check the version with node --version. The default Ubuntu repositories often contain older versions of Node.js. If apt installs a version lower than v18, download the LTS version directly from nodejs.org or use the NodeSource repository instead.

Or download from nodejs.org — grab the LTS version.

What’s npx?

You’ll see npx in some installation instructions. The difference:

  • npm install -g tool — downloads and permanently installs a tool
  • npx tool — downloads and runs a tool temporarily

For CLI tools you’ll use regularly, npm install -g is better so you don’t re-download every time.

If 'npm install -g' gives a permission error

If you see an EACCES or “permission denied” error, this usually means Node.js was installed system-wide instead of via nvm. The best fix is to install nvm and switch to it — global installs will then work without sudo. As a last resort on managed systems, you can prefix with sudo (sudo npm install -g tool), but this is not recommended as a habit.

API keys — what they are and how to handle them

Most AI CLI tools require an API Key API Key A secret string that authenticates your account with an AI service. Learn more → — a secret string that identifies your account and lets the tool talk to the AI service. You’ll get this from each provider’s website.

Key safety rules

  • Never share your API key with anyone
  • Never paste it into a public chat, email, or code repository
  • Never put it in a file that gets committed to git (add .env to your .gitignore)
  • If you accidentally expose a key, revoke it immediately from the provider’s dashboard

Storing keys safely

Most CLI tools store your key in a local config file automatically. But if you need to set one manually:

Terminal window
# Set for your current session
export ANTHROPIC_API_KEY="sk-ant-your-key-here"


# Make it permanent (add to your shell config)
# bash users:
echo 'export ANTHROPIC_API_KEY="sk-ant-your-key-here"' >> ~/.bashrc
source ~/.bashrc
# zsh users (macOS default):
echo 'export ANTHROPIC_API_KEY="sk-ant-your-key-here"' >> ~/.zshrc
source ~/.zshrc
On shared machines (university servers, lab workstations)

If other users can access the same machine, be careful with API keys in your shell config. Your ~/.bashrc is often world-readable by default on multi-user systems (permissions 644). Check with ls -la ~/.bashrc — the permissions should be -rw------- (only you can read/write). If not, run chmod 600 ~/.bashrc (or ~/.zshrc). Consider asking your instructor about shared training keys instead.

🧬In Your Field: Biotechclick to expand

If you’re on a shared server or lab workstation (e.g., a lab’s analysis node), multiple people may have accounts on the same machine. Always check file permissions on your shell config, and consider using a .env file in your home directory with chmod 600 instead of putting keys directly in .bashrc. This way, you can revoke one project’s keys without affecting your shell.

🏛️In Your Field: Government / State Devclick to expand

Highly secure corporate or government networks often block outbound connections to registries like npmjs.org. If your organization uses an internal package mirror or Artifactory instance, you’ll need to configure npm to use it: npm config set registry https://your-agency-mirror.example.gov/npm/. Check with your IT security team — they may also require you to use pre-approved tool versions from an internal catalog rather than installing directly from the public registry.

Authentication over SSH (the browser problem)

Some tools (like claude or gh auth login) want to open a web browser for authentication. If you’re SSH’d into a remote server, there’s no browser to open. Solutions:

  1. Device flow: Some tools show a URL and a code. Open the URL on your local machine’s browser, enter the code, and the remote tool gets authenticated.
  2. API key directly: Set the API key as an environment variable before starting the tool — this bypasses browser-based auth entirely.
  3. Authenticate locally first, then copy: Run the tool on your local machine to authenticate, then copy the generated config file to your remote server (usually in ~/.config/ or a tool-specific directory). This works for some tools only — prefer device flow or API key env vars unless the tool’s docs explicitly support config-file transfer.

Each tool lesson will cover authentication specifically.

Troubleshooting: Proxy and network issues

If you’re on a university network, corporate VPN, or government network, you may hit issues with SSL certificates or blocked registries.

Symptom: npm install fails with certificate errors

error SELF_SIGNED_CERT_IN_CHAIN

This usually means your network is doing SSL inspection. Fixes:

Terminal window
# Option 1: Tell npm to use your system's certificate bundle
npm config set cafile /etc/ssl/certs/ca-certificates.crt


# Option 2: If you have a specific corporate cert file
npm config set cafile /path/to/your/corporate-ca.pem


# Option 3 (last resort, NOT recommended for production):
npm config set strict-ssl false

Symptom: Network timeout / can’t reach registry

Your network might require a proxy:

Terminal window
npm config set proxy http://proxy.example.com:8080
npm config set https-proxy http://proxy.example.com:8080

Ask your IT team for the proxy address. Or use GitHub Codespaces to bypass network restrictions entirely.

🔧

When Things Go Wrong

Use the Symptom → Evidence → Request pattern: describe what you see, paste the error, then ask for a fix.

Symptom
nvm: command not found (after running the install script)
Evidence
bash: nvm: command not found
What to ask the AI
"I installed nvm using the curl script but my terminal says 'nvm: command not found.' I'm using bash on WSL/macOS/Linux. How do I fix this?"
Symptom
npm install -g fails with EACCES permission error
Evidence
npm ERR! Error: EACCES: permission denied, mkdir '/usr/local/lib/node_modules'
What to ask the AI
"I get a permission denied error when running npm install -g. I installed Node.js with apt instead of nvm. What's the safest way to fix this without using sudo for every install?"
Symptom
curl to npm registry returns nothing or times out
Evidence
curl: (7) Failed to connect to registry.npmjs.org port 443: Connection timed out
What to ask the AI
"I can't reach the npm registry from my terminal. I'm on a university/corporate network. How do I configure npm to work behind a proxy?"

Ready?

If you can run node --version and npm --version and see version numbers, you’re set. Let’s install your first tool.

Key Takeaways

  • This module’s CLI tools use Node.js install paths — install it with nvm to avoid permission headaches
  • API keys are passwords — never commit them to git, never share them publicly
  • Network restrictions are common on university and government networks — know how to configure proxies and certificates
  • You don’t need every tool — try at least two and pick the ones that fit your workflow
  • SSH environments skip the browser — use API keys or device flow for remote authentication