vibeguard-cli

v1.0.13

Published

15 days ago

VibeGuard Security Scanner CLI

0High
0Medium
0Low

atlantium-ai

security scanner cli vibeguard

VibeGuard CLI

Official command-line interface for the VibeGuard Security Scanner.

Installation

npm install -g vibeguard-cli

Quick Start

1. Authenticate

vibeguard auth <your-api-key>

Your API key will be saved to ~/.vibeguard/config.json.

Alternatively, set the VIBEGUARD_API_KEY environment variable:

export VIBEGUARD_API_KEY=your-api-key-here

2. Scan Your Project

# Scan current directory
vibeguard scan

# Scan specific directory
vibeguard scan ./my-project

# Output as JSON
vibeguard scan --format json

# Output as SARIF (for CI/CD)
vibeguard scan --format sarif --output results.sarif

# Show only critical/high severity
vibeguard scan --min-severity high

# Fail on specific severity level
vibeguard scan --fail-on medium

Commands

`vibeguard auth <api-key>`

Authenticate with your VibeGuard API key.

`vibeguard scan [path]`

Scan a project directory for security vulnerabilities.

Options:

--format <format> - Output format: terminal (default), json, or sarif
--output <file> - Write results to a file instead of stdout
--min-severity <level> - Only show vulnerabilities of this severity or higher (low, medium, high, critical)
--fail-on <level> - Exit with code 1 if vulnerabilities of this severity or higher are found

Configuration

Environment Variables

VIBEGUARD_API_KEY - Your API key (overrides config file)
VIBEGUARD_API_URL - Custom API endpoint (default: https://vibeguard.atlantiumai.io)

Config File

The CLI stores configuration in ~/.vibeguard/config.json:

{
  "apiKey": "your-api-key",
  "apiUrl": "https://vibeguard.atlantiumai.io"
}

Exit Codes

0 - No critical or high severity vulnerabilities found
1 - Critical or high severity vulnerabilities found, or scan failed

Use --fail-on to customize the exit code behavior.

CI/CD Integration

GitHub Actions

- name: Run VibeGuard Scan
  run: |
    npm install -g vibeguard-cli
    vibeguard scan --format sarif --output vibeguard-results.sarif
  env:
    VIBEGUARD_API_KEY: ${{ secrets.VIBEGUARD_API_KEY }}

- name: Upload SARIF results
  uses: github/codeql-action/upload-sarif@v2
  with:
    sarif_file: vibeguard-results.sarif

GitLab CI

vibeguard-scan:
  script:
    - npm install -g vibeguard-cli
    - vibeguard scan --format json --output vibeguard-results.json
  artifacts:
    reports:
      security: vibeguard-results.json

What Gets Scanned?

The CLI automatically respects your .gitignore file and excludes:

node_modules/
.git/
Build directories (dist/, build/, out/)
Environment files (.env, .env.*)
IDE directories (.vscode/, .idea/)
Log files (*.log)
Cache directories

Maximum project size: 50MB (compressed)

Support

For issues or questions, visit https://vibeguard.atlantiumai.io/support