Prismor CLI

A powerful command-line tool that scans GitHub repositories for security vulnerabilities and exposed secrets, and generates a Software Bill of Materials (SBOM).

Quick Start

1. Get Your API Key

Getting an API key is free and takes about 10 seconds.

Sign up → Profile → Generate API Key

2. Install & Configure

Terminal
$ pip install prismor

Set your API key:

Terminal
$ export PRISMOR_API_KEY=your_api_key_here

Usage Examples

Basic Syntax

Terminal
$ prismor --scan <repository> [scan-type]

Repository Formats

Username/Repository format:

Terminal
$ prismor --scan owner/repository --fullscan

Full GitHub URL:

Terminal
$ prismor --scan https://github.com/owner/repository --fullscan

Scan Types

1. Vulnerability Scanning (VEX)

Scan for known vulnerabilities in dependencies

Terminal
$ prismor --scan myrepository --vex

2. Secret Detection

Detect exposed API keys, tokens, and credentials

Terminal
$ prismor --scan myrepository --detect-secret

3. SBOM Generation

Generate Software Bill of Materials

Terminal
$ prismor --scan myrepository --sbom

4. Full Scan (All checks)

Run all security checks in one command

Terminal
$ prismor --scan myrepository --fullscan

JSON Output

Get results in JSON format for automation and CI/CD:

Terminal
$ prismor --scan myrepository --fullscan --json
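
A CI wrapper for the JSON scan above, as an added example that is not part of the Prismor documentation. It accepts only the two forms listed under Repository Formats, refuses to run without `PRISMOR_API_KEY`, and writes the report to an owner-only file. The function names `prismor_repo_slug` and `prismor_ci_scan`, the default file name, and the assumption that `--json` prints the report to standard output are all introduced here.

```sh
#!/bin/sh
# Added example: wrapper functions for running a Prismor scan from a CI job.
# Only the flags shown on this page (--scan, --fullscan, --json) are used.

# Reduce "owner/repository" or "https://github.com/owner/repository" to
# "owner/repository". Prints the slug and returns 0; returns 1 otherwise.
prismor_repo_slug() {
    repo=$1
    case $repo in
        https://github.com/*) repo=${repo#https://github.com/} ;;
    esac
    case $repo in
        -*) return 1 ;;                 # would be parsed as a CLI option
        */*/*|/*|*/) return 1 ;;        # extra path segments or an empty part
        */*) ;;                         # exactly owner/repository
        *) return 1 ;;                  # no owner given
    esac
    case $repo in
        *[!A-Za-z0-9._/-]*) return 1 ;; # spaces, quotes, shell metacharacters
    esac
    printf '%s\n' "$repo"
}

# Usage: prismor_ci_scan <repository> [report-file]
# Returns 2 for a rejected repository, 3 for a missing API key, and
# otherwise the exit status of prismor itself.
prismor_ci_scan() {
    slug=$(prismor_repo_slug "$1") || {
        printf 'rejected repository argument: %s\n' "$1" >&2
        return 2
    }
    # Check that the key is present without ever printing its value.
    [ -n "${PRISMOR_API_KEY:-}" ] || {
        printf 'PRISMOR_API_KEY is not set\n' >&2
        return 3
    }
    out=${2:-prismor-report.json}       # assumed default file name
    # Assumption: --json writes the report to stdout. The report may list
    # secret findings, so create it readable by the current user only.
    ( umask 077; prismor --scan "$slug" --fullscan --json >"$out" )
}
```

In a pipeline, supply `PRISMOR_API_KEY` from the CI system's secret store rather than a committed file, and call `prismor_ci_scan "$REPO" report.json`.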

Additional Commands

Check Configuration

Verify your CLI configuration and API key

Terminal
$ prismor config

Version Information

Check your installed CLI version

Terminal
$ prismor --version

Get Help

Display all available commands and options

Terminal
$ prismor --help

Full Analysis & Dashboard

For comprehensive analysis and visualization of your scan results, access the Prismor Dashboard with interactive charts, historical data, and team collaboration features.
