@digidenone/synapseaudit

v3.0.0

SynapseAudit CLI - AI-Powered Security Scanner for your code

SynapseAudit CLI

AI-Powered Security Scanner for modern development workflows.

Professional-grade security analysis that works seamlessly in your terminal. Detect vulnerabilities, get AI-powered fixes, and integrate security into your continuous integration pipelines.

Features

  • Cloud Authentication: Sign in to sync results across devices.
  • Hybrid Analysis: Static Analysis (AST) combined with Dynamic Analysis and AI verification.
  • Advanced Forensics: Code similarity analysis and AI-generated code detection.
  • Dashboard Integration: View and manage scans in the web dashboard.
  • VS Code Extension Sync: Seamless integration with the SynapseAudit VS Code extension.
  • SynapseCortex AI: Advanced contextual vulnerability analysis.
  • Analytics & Tracking: Monitor security trends and metrics over time.
  • Team Collaboration: Share results and manage project security posture.

Quick Start

Installation

SynapseAudit CLI is available on npm.

# Global installation (Recommended)
npm install -g @digidenone/synapseaudit

# Execute without installation (npx)
npx @digidenone/synapseaudit scan .

Usage

# Scan current directory
synapse-audit scan .

# Scan specific file
synapse-audit scan ./src/index.js

# Use short alias
sa scan .

# Scan with AI analysis enabled
synapse-audit scan . --ai

# Export results to JSON
synapse-audit scan . --output report.json

Commands

scan [path]

Scan files or directories for security vulnerabilities.

# Scan current directory
synapse-audit scan .

# Scan specific directory
synapse-audit scan ./src

# Scan single file
synapse-audit scan ./app.js

# Scan with options
synapse-audit scan . --severity high --format json

Options:

  • -o, --output <file>: Save report to file
  • --ai: Use AI-powered analysis
  • --fix: Auto-apply fixes where possible
  • --ignore <patterns>: Ignore files/patterns
  • --no-progress: Hide progress bar

analyze <subcommand>

Hybrid analysis engine.

# Hybrid scan (Static + Dynamic + AI)
sa analyze hybrid .

# Code review
sa analyze code src/payment.ts

# Dependency check
sa analyze deps .

security <subcommand>

Specialized security suites.

# Web application scan
sa security web https://example.com

# Network scan
sa security network 192.168.1.1

# Cloud audit
sa security cloud <target>

# SCA Dependency Check
sa security sca .

# Secret Scanning
sa security secrets .

# IaC Security Config
sa security iac .

# Generate SBOM
sa security sbom .

advanced <subcommand>

New in v3.0: Forensics tools.

# Detect AI-generated code
sa advanced ai-detect src/bot.js

# Check code similarity
sa advanced compare fileA.js fileB.js

explain <vuln>

Get AI explanations for vulnerabilities.

sa explain SQL_INJECTION

mcp

Start Model Context Protocol server for AI assistants.

sa mcp

auth

Authenticate with SynapseAudit for cloud features.

# Sign in (opens browser - recommended)
synapse-audit auth login

# Sign in with GitHub device code
synapse-audit auth login

# Sign in with API key
synapse-audit auth login

# Check authentication status
synapse-audit auth status

# Sign out
synapse-audit auth logout

Authentication Methods:

  1. Web Browser (Recommended) - Opens dashboard for OAuth sign-in
  2. GitHub Device Code - Authenticate via GitHub
  3. API Key - Use generated API key from dashboard
  4. GitHub Token - Personal access token

Cloud Features (requires authentication):

  • Sync scan results to web dashboard
  • Track vulnerabilities over time
  • Team collaboration and sharing
  • Real-time notifications
  • Usage analytics and insights
  • VS Code extension integration

dashboard

Access web dashboard and cloud features.

# Open dashboard in browser
synapse-audit dashboard open

# View your projects
synapse-audit dashboard projects

# View recent scans
synapse-audit dashboard scans

# Create a new project
synapse-audit dashboard create-project --name "My App"

# View analytics
synapse-audit dashboard analytics

# View notifications
synapse-audit dashboard notifications

# Check connection status
synapse-audit dashboard status

# Sync all data to cloud
synapse-audit dashboard sync

Dashboard Pages:

  • /dashboard - Overview and statistics
  • /dashboard/scans - All your security scans
  • /dashboard/projects - Manage projects
  • /dashboard/vulnerabilities - Track all vulnerabilities
  • /dashboard/analytics - Usage insights
  • /dashboard/settings - Account settings

config

Manage configuration and AI providers.

# Setup wizard
synapse-audit config

# Set AI provider
synapse-audit config set ai.provider openai
synapse-audit config set ai.apiKey sk-...

# View current config
synapse-audit config list

# Reset to defaults
synapse-audit config reset

Supported AI Providers:

  • OpenAI (GPT-4, GPT-3.5)
  • Anthropic (Claude 3)
  • Google (Gemini)
  • Azure OpenAI
  • Ollama (Local models)
  • Custom endpoints

fix [path]

Get AI-powered fix suggestions for vulnerabilities.

# Get fix suggestions for file
synapse-audit fix ./vulnerable-file.js

# Auto-apply fixes
synapse-audit fix . --auto-apply

# Interactive fix mode
synapse-audit fix . --interactive

report

Generate comprehensive security reports.

# Generate HTML report
synapse-audit report --format html --output report.html

# Generate SARIF for GitHub
synapse-audit report --format sarif --output results.sarif

# Generate PDF report (requires puppeteer)
synapse-audit report --format pdf --output audit.pdf

ignore

Manage file exclusion patterns.

# Create .synapseaudit-ignore file
synapse-audit ignore init

# Add pattern
synapse-audit ignore add "node_modules/**"

# List ignored patterns
synapse-audit ignore list

# Test if file would be ignored
synapse-audit ignore test ./src/file.js

init

Initialize SynapseAudit in your project.

# Interactive setup
synapse-audit init

# Quick setup with defaults
synapse-audit init --yes

# Add to package.json scripts
synapse-audit init --scripts

Detailed Capabilities

Security Scanning

  • 50+ Vulnerability Types: SQL injection, XSS, code injection, secrets detection.
  • Multi-Language Support: JavaScript, TypeScript, Python, Java, PHP, C/C++, Go, Ruby.
  • Real-time Analysis: Fast pattern matching combined with optional AI analysis.
  • Severity Levels: Critical, High, Medium, Low with clear prioritization.

AI-Powered Intelligence

  • Multiple AI Providers: OpenAI, Anthropic, Google, Ollama, Custom.
  • Smart Fixes: Context-aware code improvements.
  • Automated Remediation: One-command vulnerability fixing.
  • Deep Code Understanding: Goes beyond simple pattern matching.

Reporting

  • Multiple Formats: Table, JSON, HTML, SARIF, Markdown.
  • CLI Output: Color-coded results with progress bars.
  • Export Options: Save to file, clipboard, or stdout.
  • CI/CD Integration: Exit codes and machine-readable output.

Developer Experience

  • Interactive Mode: Choose which fixes to apply.
  • Watch Mode: Continuous scanning during development.
  • Git Integration: Scan only changed files.
  • GitHub Actions: Pre-built workflows.
  • VS Code Integration: Works alongside the extension.

Integrations

Web Dashboard

  • Sync scan results to cloud dashboard.
  • View historical trends and analytics.
  • Share results with team members.
  • Access from anywhere: https://synapseaudit.digidenone.tech

VS Code Extension

  • Seamless data synchronization.
  • View CLI scan results in editor.
  • Unified security workflow.
  • Install: VS Code Marketplace

SynapseCortex AI Engine

  • Advanced AI-powered analysis.
  • Deep code understanding.
  • Context-aware vulnerability detection.
  • Automated fix generation.

Backend API

  • RESTful API access.
  • Programmatic scan management.
  • Custom integrations.
  • API endpoint: https://synapseaudit.digidenone.tech/api

Appwrite Backend

  • Database synchronization.
  • User authentication via Clerk.
  • Real-time data updates.
  • Secure cloud storage.

Admin Panel

  • User management.
  • Analytics dashboard.
  • System monitoring.
  • Team administration.

Configuration

Configuration File

Create .synapseaudit.json in your project root:

{
  "severity": "medium",
  "ignore": [
    "node_modules/**",
    "dist/**",
    "*.min.js"
  ],
  "ai": {
    "provider": "openai",
    "model": "gpt-4",
    "enabled": true
  },
  "rules": {
    "no-hardcoded-secrets": "error",
    "no-sql-injection": "error",
    "no-xss": "warn"
  },
  "output": {
    "format": "table",
    "verbose": true
  }
}

Environment Variables

# API Configuration
SYNAPSE_API_ENDPOINT=https://synapseaudit.digidenone.tech/api
SYNAPSE_DASHBOARD_URL=https://synapseaudit.digidenone.tech

# Appwrite Configuration (for cloud sync)
SYNAPSE_APPWRITE_ENDPOINT=https://nyc.cloud.appwrite.io/v1
SYNAPSE_APPWRITE_PROJECT_ID=688dbafb003360755658
SYNAPSE_APPWRITE_DATABASE_ID=synapseaudit_db

# GitHub OAuth
SYNAPSE_GITHUB_CLIENT_ID=your_github_app_client_id

# Clerk Authentication (optional)
SYNAPSE_CLERK_PUBLISHABLE_KEY=pk_live_...

# SynapseCortex AI Engine
SYNAPSE_CORTEX_ENDPOINT=https://api.synapseaudit.digidenone.tech/cortex
SYNAPSE_CORTEX_API_KEY=your_cortex_api_key

# AI Provider Configuration (for local AI)
SYNAPSE_AUDIT_AI_PROVIDER=openai
SYNAPSE_AUDIT_AI_KEY=sk-...
SYNAPSE_AUDIT_AI_MODEL=gpt-4

# Feature Flags
SYNAPSE_ENABLE_CLOUD_SYNC=true
SYNAPSE_ENABLE_AI_ANALYSIS=true
SYNAPSE_ENABLE_AUTO_FIX=true
SYNAPSE_EXTENSION_SYNC_ENABLED=true

# Debug
DEBUG=false
SYNAPSE_LOG_LEVEL=info

Setting Environment Variables:

Create ~/.synapseaudit/.env file:

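# Create the directory and copy the example file
mkdir -p ~/.synapseaudit
cp cli/.env.example ~/.synapseaudit/.env

# The file holds API keys: make it readable by your user only
chmod 600 ~/.synapseaudit/.env

# Edit with your values
nano ~/.synapseaudit/.env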

Or set system-wide:

# Linux/macOS - Add to ~/.bashrc or ~/.zshrc
export SYNAPSE_API_ENDPOINT="https://synapseaudit.digidenone.tech/api"

# Windows PowerShell
$env:SYNAPSE_API_ENDPOINT="https://synapseaudit.digidenone.tech/api"

# Windows CMD
set SYNAPSE_API_ENDPOINT=https://synapseaudit.digidenone.tech/api

Ignore File

Create .synapseaudit-ignore:

# Dependencies
node_modules/
vendor/
.pnpm/

# Build outputs
dist/
build/
out/
*.min.js
*.bundle.js

# Test files
**/*.test.js
**/*.spec.ts
__tests__/

# Configuration
*.config.js
.env*

CI/CD Integration

GitHub Actions

name: Security Scan
on: [push, pull_request]

jobs:
  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: '20'
      
      - name: Install SynapseAudit CLI
        run: npm install -g @digidenone/synapseaudit
      
      - name: Run Security Scan
        run: synapse-audit scan . --format sarif --output results.sarif
        env:
          SYNAPSE_AUDIT_AI_KEY: ${{ secrets.OPENAI_API_KEY }}
      
      - name: Upload to GitHub Security
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: results.sarif
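
The workflow above uploads results.sarif but never fails the build on what the report contains. The following added example (not part of the SynapseAudit project) gates on a SARIF 2.1.0 log; the sample report is constructed, and the mapping of the scanner's severities to SARIF levels is an assumption.

```javascript
// Added example (not SynapseAudit code): gate a CI job on a SARIF 2.1.0 log.
// Constructed report; rule ids reuse names from .synapseaudit.json, levels are assumed.
const res = (ruleId, uri, startLine, extra = {}) => ({
  ruleId, message: { text: `${ruleId} finding` }, ...extra,
  locations: [{ physicalLocation: { artifactLocation: { uri }, region: { startLine } } }],
});
const sampleSarif = {
  version: '2.1.0',
  runs: [{
    tool: { driver: { name: 'example-scanner', rules: [
      { id: 'no-sql-injection', defaultConfiguration: { level: 'error' } },
      { id: 'no-xss', defaultConfiguration: { level: 'warning' } },
    ] } },
    results: [
      res('no-sql-injection', 'src/auth.js', 45), // no level: rule default "error"
      res('no-xss', 'src/auth.js', 89, { level: 'error' }),
      res('no-xss', 'src/view.js', 12),           // rule default "warning"
      res('no-hardcoded-secrets', 'tests/fixture.js', 3, {
        level: 'error', suppressions: [{ kind: 'inSource', status: 'accepted' }] }),
    ],
  }],
};

const RANK = { none: 0, note: 1, warning: 2, error: 3 };
// SARIF: result.level, else the rule's defaultConfiguration.level, else "warning".
function effectiveLevel(result, run) {
  if (result.level) return result.level;
  const rule = (run.tool?.driver?.rules ?? []).find((r) => r.id === result.ruleId);
  return rule?.defaultConfiguration?.level ?? 'warning';
}

// A suppression counts unless it is under review or was rejected.
const isSuppressed = (result) =>
  (result.suppressions ?? []).some((s) => !s.status || s.status === 'accepted');

function gate(sarif, failOn = 'error') {
  if (!(failOn in RANK)) throw new Error(`unknown level: ${failOn}`);
  // A missing or empty report must not pass as "no findings".
  if (!sarif || !Array.isArray(sarif.runs) || sarif.runs.length === 0) {
    throw new Error('not a usable SARIF log: runs[] missing or empty');
  }
  const counts = { none: 0, note: 0, warning: 0, error: 0 }, blocking = [];
  let suppressed = 0;
  for (const run of sarif.runs) {
    for (const result of run.results ?? []) {
      if (isSuppressed(result)) { suppressed += 1; continue; }
      const level = effectiveLevel(result, run);
      counts[level] = (counts[level] ?? 0) + 1;
      if (RANK[level] >= RANK[failOn]) {
        const p = result.locations?.[0]?.physicalLocation;
        blocking.push(`${p?.artifactLocation?.uri}:${p?.region?.startLine} ${result.ruleId} [${level}]`);
      }
    }
  }
  return { exitCode: blocking.length > 0 ? 1 : 0, counts, suppressed, blocking };
}

const verdict = gate(sampleSarif);
console.log(verdict.blocking.join('\n'), `\nexit code ${verdict.exitCode}`);
```

In the workflow above, a step like this would run after the scan and before the upload, with the report loaded through JSON.parse and the job exiting with the returned code.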

GitLab CI

security_scan:
  image: node:20
  script:
    - npm install -g @digidenone/synapseaudit
    - synapse-audit scan . --format json --output gl-code-quality-report.json
  artifacts:
    reports:
      codequality: gl-code-quality-report.json

Pre-commit Hook

#!/bin/sh
# .git/hooks/pre-commit

echo "Running SynapseAudit security scan..."
npx @digidenone/synapseaudit scan . --severity high --no-progress

if [ $? -ne 0 ]; then
  echo "❌ Security scan failed. Commit aborted."
  exit 1
fi

echo "✅ Security scan passed!"

Examples

Scan Project

# Basic scan with table output
synapse-audit scan .

# Scan with AI analysis
synapse-audit scan . --ai

# Only show high/critical issues
synapse-audit scan . --severity high

# Export to JSON
synapse-audit scan . --format json --output results.json

Interactive Fixing

# Review and apply fixes interactively
synapse-audit fix . --interactive

# Auto-apply all fixes
synapse-audit fix . --auto-apply --backup

# Fix only critical issues
synapse-audit fix . --severity critical

Generate Reports

# HTML report with charts
synapse-audit report --format html --output report.html

# SARIF for GitHub Security
synapse-audit report --format sarif --output results.sarif

# Markdown summary
synapse-audit report --format markdown --output SECURITY.md

Watch Mode

# Continuously scan on file changes
synapse-audit scan . --watch

# Watch with auto-fix
synapse-audit scan . --watch --fix

Advanced Usage

Custom Rules

Create synapse-audit.rules.js:

export default {
  rules: [
    {
      id: 'custom-api-key-check',
      severity: 'critical',
      pattern: /API_KEY\s*=\s*['"][^'"]+['"]/g,
      message: 'Hardcoded API key detected',
      fix: 'Move to environment variable'
    },
    {
      id: 'custom-debug-code',
      severity: 'low',
      pattern: /debugger;/g,
      message: 'Debugger statement found',
      fix: 'Remove debugger statement'
    }
  ]
};

Use with: synapse-audit scan . --rules ./synapse-audit.rules.js
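
What the two rules above match and what they miss, as an added example that is not SynapseAudit's own engine: `runRules` and `naiveScan` are hypothetical helpers, and the sample source with its fake key values is constructed. It also shows why a rule's `/g` pattern should not be executed directly with `.test()` across lines.

```javascript
// Added example, not SynapseAudit's engine: a minimal line-based rule runner.
// The two rule objects are the ones from synapse-audit.rules.js above.
const rules = [
  { id: 'custom-api-key-check', severity: 'critical',
    pattern: /API_KEY\s*=\s*['"][^'"]+['"]/g, message: 'Hardcoded API key detected' },
  { id: 'custom-debug-code', severity: 'low',
    pattern: /debugger;/g, message: 'Debugger statement found' },
];

// Constructed sample source; every key value is fake.
const sample = [
  'const API_KEY = "sk-test-0000";',            // 1: flagged
  "process.env.API_KEY = 'abc123';",            // 2: flagged
  'const apiKey = "sk-test-1111";',             // 3: missed, pattern is case-sensitive
  'const cfg = { API_KEY: "sk-test-2222" };',   // 4: missed, colon instead of "="
  'const API_KEY = `sk-test-3333`;',            // 5: missed, template literal
  'const API_KEY = process.env.API_KEY;',       // 6: not flagged, no literal
  'debugger;',                                  // 7: flagged
  '// remove the debugger; call before merge',  // 8: flagged, although it is a comment
].join('\n');

// Fresh RegExp per line: a /g pattern keeps lastIndex between calls, so the
// shared rule object is never executed directly.
function runRules(source, ruleSet) {
  const findings = [];
  source.split('\n').forEach((text, i) => {
    for (const rule of ruleSet) {
      const flags = rule.pattern.flags.includes('g') ? rule.pattern.flags : rule.pattern.flags + 'g';
      for (const m of text.matchAll(new RegExp(rule.pattern.source, flags))) {
        findings.push({ ruleId: rule.id, severity: rule.severity,
                        line: i + 1, column: m.index + 1, message: rule.message });
      }
    }
  });
  return findings;
}

// Deliberately naive variant: calls .test() on the shared /g regex. After a hit
// on one line, the next line is searched from the old lastIndex, not from 0.
function naiveScan(source, ruleSet) {
  const hits = [];
  source.split('\n').forEach((text, i) => {
    for (const rule of ruleSet) {
      if (rule.pattern.test(text)) hits.push({ ruleId: rule.id, line: i + 1 });
    }
  });
  return hits;
}

const findings = runRules(sample, rules);
const naive = naiveScan(sample, rules);
for (const f of findings) {
  console.log(`${f.line}:${f.column} ${f.severity.toUpperCase()} ${f.ruleId} - ${f.message}`);
}
console.log(`runRules: ${findings.length} findings, naiveScan: ${naive.length}`);
```

The naive variant skips the key on line 2 because the match on line 1 left `lastIndex` at 30; lines 3 to 5 are gaps in the pattern itself and need additional rules.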

Programmatic API

import { SynapseAuditCLI } from '@digidenone/synapseaudit';

const scanner = new SynapseAuditCLI({
  severity: 'medium',
  ai: {
    provider: 'openai',
    apiKey: process.env.OPENAI_API_KEY
  }
});

const results = await scanner.scan('./src');

console.log(`Found ${results.vulnerabilities.length} issues`);

// Apply fixes
if (results.vulnerabilities.length > 0) {
  await scanner.fix(results.vulnerabilities, {
    autoApply: false,
    interactive: true
  });
}

Cloud Dashboard Integration

Sync your CLI scans with the SynapseAudit cloud dashboard:

# Login to cloud
synapse-audit auth login

# Scan and sync
synapse-audit scan . --sync

# View dashboard
synapse-audit dashboard open

Visual Examples

Banner & Welcome Screen

When you run any command, you'll see the beautiful green-themed banner:

███████╗██╗   ██╗███╗   ██╗ █████╗ ██████╗ ███████╗███████╗
...                                      (Green Gradient)

  AI-Powered Security Scanner for your code

Sample Scan Output

$ sa scan .

✓ Found 25 files to scan

████████████████████████████████████████ 100% | 25/25 files | app.js

Scan Summary

Metric              Count
──────────────────────────
Files Scanned       25
Total Issues        12
Critical            2
High                3
Medium              5
Low                 2
Fixable             8

Vulnerabilities Found

src/auth.js:
Line  Severity      Type                    Description
────────────────────────────────────────────────────────────────
45    CRITICAL      SQL Injection           Unsafe SQL query construction
89    HIGH          XSS Vulnerability       Unescaped user input in HTML

Found 12 vulnerabilities across 3 files.
   Run 'synapse-audit fix .' to apply 8 automatic fixes.

Interactive Fix Mode

$ sa fix . --interactive

✓ AI service ready: openai (gpt-4)

🔧 Generating AI-powered fixes...

src/auth.js:
✓ Generated fix for: SQL Injection

  Description: Use parameterized queries
  Confidence: 95%
  Explanation: Replace string concatenation with prepared statements

  - const query = `SELECT * FROM users WHERE id = ${userId}`;
  + const query = 'SELECT * FROM users WHERE id = ?';
  + const [rows] = await db.execute(query, [userId]);

? Apply this fix? (Y/n) 

  Backup created: src/auth.js.backup
  ✓ Fix applied!

Color Legend

| Symbol | Color | Meaning |
|--------|-------|---------|
| ✓ | Green | Success / Completed |
| ℹ | Green | Information |
| ⚠ | Yellow | Warning |
| ✖ | Red | Error |
| 🔧 | Green | Fix action |
| 📊 | White | Data/Stats |

Severity Colors:

  • Critical: Red Bold
  • High: Yellow Bold
  • Medium: Cyan
  • Low: Gray

🔍 Troubleshooting

CLI Not Found

# Check installation
which synapse-audit   # macOS/Linux
where synapse-audit   # Windows

# Reinstall globally
npm uninstall -g @digidenone/synapseaudit
npm install -g @digidenone/synapseaudit

# For local development
cd cli
npm link

Local Development Issues

# If commands don't work after npm link
npm run build
npm unlink -g @digidenone/synapseaudit
npm link

# If TypeScript errors occur
npm install
npm run build

# Check if link is working
npm ls -g --depth=0 | grep synapse

AI Provider Errors

# Test AI connection
synapse-audit config test-ai

# View detailed logs
synapse-audit scan . --verbose

# Check configuration
synapse-audit config list

Permission Issues

# macOS/Linux: Fix permissions
sudo chown -R "$USER" /usr/local/lib/node_modules/@digidenone

# Windows: Run as Administrator or use --force
npm install -g @digidenone/synapseaudit --force

# Or install without admin rights
npm install -g @digidenone/synapseaudit --prefix ~/.npm-global
export PATH=~/.npm-global/bin:$PATH  # Add to ~/.bashrc or ~/.zshrc

Common Errors

Error: "Cannot find module"

# Rebuild the project
cd cli
npm run build

Error: "Command not found: sa"

# Check if npm bin is in PATH
echo $PATH  # macOS/Linux
echo $env:PATH  # Windows PowerShell

# Add npm global bin to PATH if needed
# macOS/Linux: Add to ~/.bashrc or ~/.zshrc
export PATH="$(npm config get prefix)/bin:$PATH"

# Windows: Add to System Environment Variables
# C:\Users\<username>\AppData\Roaming\npm

Error: "EACCES: permission denied"

# Use npx instead
npx @digidenone/synapseaudit scan .

# Or fix npm permissions
# https://docs.npmjs.com/resolving-eacces-permissions-errors

📚 Documentation

For Developers

  • Running from Source: See RUNNING.md - Start here!
  • Development Guide: See DEVELOPMENT.md - Complete dev guide
  • Contributing: See CONTRIBUTING.md
  • Project Structure:
    • src/ - TypeScript source files
    • dist/ - Compiled JavaScript (generated)
    • bin/ - CLI entry point
    • tests/ - Test files
  • Scripts:
    • npm run build - Compile TypeScript
    • npm run dev - Watch mode (auto-rebuild)
    • npm test - Run tests
    • npm run lint - Check code style

🤝 Support

📄 License

MIT © Digidenone


🔐 Secure your code from the command line. Deploy with confidence.

Made with 💚 by the SynapseAudit Team