Prismor CLI

A powerful command-line tool for scanning GitHub repositories for security vulnerabilities and exposed secrets, and for generating a Software Bill of Materials (SBOM).

Quick Start

1. Get Your API Key

Get your API key (Free)

Sign up to generate your key instantly.

2. Install & Configure

Terminal
$ pip install prismor

Set your API key:

Terminal
$ export PRISMOR_API_KEY=your_api_key_here

Usage Examples

Basic Syntax

Terminal
$ prismor --repo <repository> [scan-type]

Repository Formats

Username/Repository format:

Terminal
$ prismor --repo owner/repository --fullscan

Full GitHub URL:

Terminal
$ prismor --repo https://github.com/owner/repository --fullscan

Scan Types

1. Vulnerability Scanning (VEX)

Scan for known vulnerabilities in dependencies.

Terminal
$ prismor --repo myrepository --vex

2. Secret Detection

Detect exposed API keys, tokens, and credentials.

Terminal
$ prismor --repo myrepository --detect-secret

3. SBOM Generation

Generate Software Bill of Materials.

Terminal
$ prismor --repo myrepository --sbom

4. Full Scan (All checks)

Run all security checks in one command.

Terminal
$ prismor --repo myrepository --fullscan

JSON Output

Get results in JSON format for automation and CI/CD:

Terminal
$ prismor --repo myrepository --fullscan --json
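
For CI use, a wrapper can refuse to run without PRISMOR_API_KEY and accept only the two formats listed under Repository Formats before calling the command above. This is an added example, not Prismor's own code. The function names, the report file name, the character allowlist, and the assumption that --json writes the report to standard output are illustrative.

```shell
#!/bin/sh
# Added example: CI wrapper around `prismor --repo <repository> --fullscan --json`.

# Print "owner/repository" for either accepted format; fail on anything else.
# The body is a subshell, so `exit` only leaves this function and no variable leaks.
normalize_repo() (
    LC_ALL=C                      # byte-wise ranges in the patterns below
    repo=${1:-}
    case $repo in
        https://github.com/*) repo=${repo#https://github.com/} ;;
    esac
    repo=${repo%/}                # tolerate one trailing slash on a URL
    case $repo in
        */*) ;;
        *) exit 1 ;;              # no owner part
    esac
    owner=${repo%%/*}
    name=${repo#*/}
    # Assumed allowlist: letters, digits and '-' for the owner, plus '.' and '_'
    # for the repository. A leading '-' is refused so the value can never be
    # parsed as a command-line option; a second '/' fails the allowlist.
    case $owner in ''|-*|*[!A-Za-z0-9-]*) exit 1 ;; esac
    case $name in ''|-*|.|..|*[!A-Za-z0-9._-]*) exit 1 ;; esac
    printf '%s/%s\n' "$owner" "$name"
)

# Run the full scan and keep the JSON report as a build artifact.
# Returns 2 without calling prismor when a precondition fails.
prismor_ci_scan() {
    # The key comes from the CI secret store through the environment,
    # never from the command line, and is never echoed to the job log.
    if [ -z "${PRISMOR_API_KEY:-}" ]; then
        echo "PRISMOR_API_KEY is not set" >&2
        return 2
    fi
    target=$(normalize_repo "${1:-}") || {
        echo "repository argument rejected" >&2
        return 2
    }
    # prismor-report.json is a hypothetical artifact name.
    prismor --repo "$target" --fullscan --json > prismor-report.json
}

if [ "$#" -gt 0 ]; then
    prismor_ci_scan "$1"
fi
```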

Additional Commands

Check Configuration

Verify your CLI configuration and API key.

Terminal
$ prismor config

Version Information

Check your installed CLI version.

Terminal
$ prismor --version

Get Help

Display all available commands and options.

Terminal
$ prismor --help

Full Analysis & Dashboard

For comprehensive analysis and visualization of your scan results, access the Prismor Dashboard with interactive charts, historical data, and team collaboration features.
