@belmonddev/aikido-cli

v2.0.0

Published

2 months ago

CLI tool for Aikido Security platform - list issues, repos, and export security data

0High
0Medium
0Low

maxatbelmond

dgon45

dabit1belmond

aikido security cli vulnerability scanning

@belmonddev/aikido-cli

CLI tool for interacting with the Aikido Security platform. List security issues, repositories, and export vulnerability data directly from the command line.

Installation

npm install -g @belmonddev/aikido-cli

Or use directly via npx:

npx @belmonddev/aikido-cli <command>

Authentication

The Aikido CLI uses OAuth Client Credentials (not IDE tokens).

Interactive Login (Recommended)

Run the login command:
```
belmond-aikido login
```
A browser will open to Aikido's API Credentials page
Click "Add Client" to create new credentials
Copy your Client ID and Client Secret
Enter them when prompted

Credentials are stored in ~/.config/belmond-aikido/config.json.

Environment Variables (For CI/CD)

Set the following environment variables:

export AIKIDO_CLIENT_ID="your-client-id"
export AIKIDO_CLIENT_SECRET="your-client-secret"

Create client credentials at: https://app.aikido.dev/settings/integrations/api/aikido/rest

Note: IDE Personal Access Tokens (from /settings/integrations/ide) do NOT work with this CLI. You need API Client Credentials.

Commands

`login`

Authenticate with Aikido using OAuth Client Credentials.

belmond-aikido login

`logout`

Remove stored credentials.

belmond-aikido logout

`repos`

List all connected code repositories.

belmond-aikido repos
belmond-aikido repos --json

`issues`

List open security issues.

# List all issues
belmond-aikido issues

# Filter by severity
belmond-aikido issues --severity critical

# Filter by repository
belmond-aikido issues --repo vision

# Filter by status
belmond-aikido issues --status new
belmond-aikido issues --status todo
belmond-aikido issues --status pull_request_open

# Combine filters
belmond-aikido issues --severity high --repo my-app

# Limit results
belmond-aikido issues --limit 10

# JSON output for scripting
belmond-aikido issues --json

Options:

-s, --severity <level> - Filter by severity (critical, high, medium, low)
-r, --repo <name> - Filter by repository name (partial match supported)
--status <status> - Filter by status (new, todo, pull_request_open)
-l, --limit <number> - Limit number of results
--json - Output as JSON

`issue <id>`

Get details for a specific issue.

belmond-aikido issue 12345
belmond-aikido issue 12345 --json

`export`

Export all issues to a file.

# Export as JSON
belmond-aikido export --output issues.json

# Export as CSV
belmond-aikido export --format csv --output issues.csv

# Filter exports
belmond-aikido export --severity critical --output critical-issues.json

Options:

-f, --format <format> - Output format: json (default) or csv
-o, --output <file> - Output file path
-s, --severity <level> - Filter by severity
-r, --repo <name> - Filter by repository

Examples

# Quick check of critical issues
belmond-aikido issues --severity critical

# Export issues for a specific repo
belmond-aikido export --repo vision --output vision-issues.json

# Get detailed info about an issue
belmond-aikido issue 12345

# JSON output for scripting
belmond-aikido issues --json | jq '.[] | select(.severity == "critical")'

Programmatic Usage

The package also exports classes for programmatic use:

import { createAuth, createClient } from '@belmonddev/aikido-cli';

const auth = createAuth();
const client = createClient(auth);

// Fetch repositories
const repos = await client.getRepositories();

// Fetch issues with filters
const issues = await client.getIssueGroups({
  severity: 'critical',
  repo: 'my-repo',
});

// Get issue details
const detail = await client.getIssueGroupDetail(12345);

// Export issues
const exportData = await client.exportIssues({ format: 'json' });

Configuration

Config file location: ~/.config/belmond-aikido/config.json

The CLI stores:

OAuth Client ID and Secret
Access tokens and refresh tokens
Token expiry information

Troubleshooting

"No credentials found"

Run belmond-aikido login or set environment variables AIKIDO_CLIENT_ID and AIKIDO_CLIENT_SECRET.

"Authentication failed"

Your token may have expired. Run belmond-aikido login to re-authenticate.

"Rate limit exceeded"

Wait a few minutes before making more requests.

API Reference

This CLI uses the Aikido Public REST API. Full documentation: https://apidocs.aikido.dev/

License

ISC

Published

Vulnerabilities

Links

Maintainers

Keywords

Readme

@belmonddev/aikido-cli

Installation

Authentication

Interactive Login (Recommended)

Environment Variables (For CI/CD)

Commands

login

logout

repos

issues

issue <id>

export

Examples

Programmatic Usage

Configuration

Troubleshooting

"No credentials found"

"Authentication failed"

"Rate limit exceeded"

API Reference

License

`login`

`logout`

`repos`

`issues`

`issue <id>`

`export`