Vulnetix CLI & GitHub Action
This GitHub Action provides the Vulnetix CLI for your workflows, enabling automated vulnerability management directly in your CI/CD pipeline.
Please also check out our GitHub App for additional integrations.
Claude Code Plugin
Integrate Vulnetix vulnerability intelligence directly into your Claude Code workflow with our official plugin. Get real-time security insights as you code, with automated pre-commit scanning and interactive vulnerability analysis.
Installation
Add the plugin directly from GitHub:
/plugin add https://github.com/Vulnetix/claude-code-plugin
Prerequisites:
- Vulnetix CLI installed (see Platform Support below)
- Authenticated with vulnetix auth login
Features
Automatic Pre-Commit Scanning
The plugin automatically scans staged dependency files before each commit:
git add package.json package-lock.json
git commit -m "Update dependencies"
What happens:
- Detects changes to 15+ manifest types (npm, Python, Go, Rust, Maven, etc.)
- Scans for vulnerabilities using Vulnetix VDB
- Reports findings by severity: 2 critical, 5 high, 8 medium
- Never blocks commits: informational only, helping you make informed decisions
Developer benefit: Catch vulnerable dependencies at commit time, not in production. Zero configuration required.
Interactive Skills
Three powerful skills for proactive security:
1. /vulnetix:package-search <name>
What it does: Search packages before adding them as dependencies
/vulnetix:package-search express
Workflow:
- Detects your project's ecosystems (npm, PyPI, Maven, etc.)
- Searches Vulnetix package database for matching packages
- Shows vulnerability counts, max severity, and Safe Harbour scores
- Proposes exact manifest edits with the safest version
- Asks for confirmation before applying changes
Developer benefit: Make informed dependency choices. Compare alternatives, understand security posture, and add packages with confidence.
2. /vulnetix:exploits <vuln-id>
What it does: Analyze exploit intelligence for a vulnerability
/vulnetix:exploits CVE-2021-44228
Workflow:
- Fetches public exploits (PoCs, Metasploit modules, security advisories)
- Retrieves CVSS scores, EPSS probability, and CISA KEV status
- Checks if your dependencies are affected
- Analyzes exploit reachability via static analysis
- Provides exploitability rating: CRITICAL/HIGH/MEDIUM/LOW/N/A
- Recommends next steps
Developer benefit: Understand real-world impact. Is this CVE actively exploited? Do we use the vulnerable code path? Should we drop everything and patch?
3. /vulnetix:fix <vuln-id>
What it does: Get fix intelligence and concrete remediation steps
/vulnetix:fix GHSA-xxxx-yyyy-zzzz
Workflow:
- Fetches fix data: version bumps, patches, workarounds
- Identifies affected dependencies in your manifests
- Shows exact edits with version upgrades
- Assesses breaking change risk (patch/minor/major)
- Proposes changes and asks for confirmation
- Suggests test commands and re-scanning to verify
Developer benefit: Fix vulnerabilities fast. No manual version hunting, no guessing about breaking changes. Just clear, actionable remediation.
When to Use Each Skill
| Scenario | Command | Benefit |
|---|---|---|
| Adding a new dependency | /vulnetix:package-search lodash | Choose the safest option upfront |
| Commit hook found vulnerabilities | /vulnetix:exploits CVE-2024-1234 | Understand severity and urgency |
| Need to patch a CVE | /vulnetix:fix CVE-2024-1234 | Get concrete fix steps |
| Evaluating alternatives | /vulnetix:package-search axios | Compare security postures |
| Triaging security alerts | /vulnetix:exploits <vuln-id> | Assess real-world exploitability |
Configuration
The plugin works out of the box with zero configuration. Optional customization:
- Disable hook temporarily: /plugin disable vulnetix
- Re-enable: /plugin enable vulnetix
- Check status: /plugins
Privacy & Security
- No code sent to Vulnetix; only dependency names/versions
- Local scanning via Vulnetix CLI
- PoC exploits analyzed statically, never executed
- All API calls authenticated via HTTPS
Full plugin documentation
Vulnetix supports all major platforms and installation methods:
| Method | Linux | macOS | Windows | CI/CD | Enterprise | Installation |
|---|---|---|---|---|---|---|
| Homebrew | ✅ | ✅ | - | - | ✅ | brew install vulnetix/tap/vulnetix |
| Scoop | - | - | ✅ | - | ✅ | scoop install vulnetix |
| Nix | ✅ | ✅ | - | ✅ | ✅ | nix profile install github:Vulnetix/cli |
| Go Install | ✅ | ✅ | ✅ | ✅ | ✅ | go install github.com/vulnetix/cli@latest |
| Binary Download | ✅ | ✅ | ✅ | ✅ | ✅ | Direct download with curl |
| From Source | ✅ | ✅ | ✅ | ✅ | ✅ | Full customization |
| GitHub Actions | ✅ | ✅ | ✅ | ✅ | ✅ | Native GitHub integration |
| GitLab CI | ✅ | ✅ | ✅ | ✅ | ✅ | GitLab pipeline integration |
| Azure DevOps | ✅ | ✅ | ✅ | ✅ | ✅ | Azure pipeline integration |
| Bitbucket | ✅ | ✅ | ✅ | ✅ | ✅ | Bitbucket pipeline integration |
Architecture Support: AMD64, ARM64, ARM, 386 across all platforms
Quick Start Examples
Homebrew (Recommended)
brew tap vulnetix/tap
brew install vulnetix
vulnetix
Scoop (Windows)
scoop bucket add vulnetix https://github.com/Vulnetix/scoop-bucket
scoop install vulnetix
vulnetix
Nix
nix profile install github:Vulnetix/cli
vulnetix
Go Install
go install github.com/vulnetix/cli@latest
vulnetix
Local Binary
Download and run the binary directly:
# Linux AMD64
curl -L https://github.com/Vulnetix/cli/releases/latest/download/vulnetix-linux-amd64 -o vulnetix
chmod +x vulnetix && ./vulnetix --org-id "your-org-id-here"
# macOS (Intel)
curl -L https://github.com/Vulnetix/cli/releases/latest/download/vulnetix-darwin-amd64 -o vulnetix
chmod +x vulnetix && ./vulnetix --org-id "your-org-id-here"
# macOS (Apple Silicon)
curl -L https://github.com/Vulnetix/cli/releases/latest/download/vulnetix-darwin-arm64 -o vulnetix
chmod +x vulnetix && ./vulnetix --org-id "your-org-id-here"
# Windows (PowerShell)
Invoke-WebRequest -Uri "https://github.com/Vulnetix/cli/releases/latest/download/vulnetix-windows-amd64.exe" -OutFile "vulnetix.exe"
.\vulnetix.exe --org-id "your-org-id-here"
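A hardened variant of the direct download above, as an added example that is not part of the Vulnetix documentation: the binary is compared to a SHA-256 you recorded yourself before it is made executable. The function names and the placeholder hash are assumptions; because the `latest` URL changes with each release, the pin must be updated whenever you upgrade.

```bash
#!/usr/bin/env bash
# Added example (not Vulnetix's own code): refuse to install a downloaded
# binary unless its SHA-256 matches a value pinned in advance.

# Print the lowercase hex SHA-256 of a file (sha256sum on Linux, shasum on macOS).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d' ' -f1
  else
    shasum -a 256 "$1" | cut -d' ' -f1
  fi
}

# Return 0 on match, 1 on mismatch, 2 if the pin is malformed or hashing fails.
verify_pinned() {
  local file="$1" expected actual
  expected="$(printf '%s' "$2" | tr 'A-F' 'a-f')"
  case "$expected" in
    *[!0-9a-f]*|"") return 2 ;;          # not hex, or empty
  esac
  [ "${#expected}" -eq 64 ] || return 2   # SHA-256 is 64 hex digits
  actual="$(sha256_of "$file")" || return 2
  [ "$actual" = "$expected" ]
}

# Download to a temp file, verify, and only then install it as executable.
# On any failure the download is deleted and nothing is written to $dest.
install_verified() {
  local url="$1" expected="$2" dest="$3" tmp
  tmp="$(mktemp)" || return 1
  if curl -fsSL "$url" -o "$tmp" && verify_pinned "$tmp" "$expected"; then
    chmod 0755 "$tmp" && mv "$tmp" "$dest"
  else
    rm -f "$tmp"
    return 1
  fi
}

# Usage (the hash is a placeholder; record it for the release you reviewed):
# install_verified \
#   "https://github.com/Vulnetix/cli/releases/latest/download/vulnetix-linux-amd64" \
#   "<sha256-you-recorded>" ./vulnetix
```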
View detailed usage examples
Available Tasks
Vulnetix supports multiple task types to cover different aspects of vulnerability management:
| Task | Description | Use Case | Required Flags |
|---|---|---|---|
| info | Auth healthcheck (default) | Verify credential setup | - |
Documentation
Distribution
Vulnetix CLI is published on each release:
- Homebrew Tap -- brew install vulnetix/tap/vulnetix
- Scoop Bucket -- scoop install vulnetix (Windows)
- Nix Flake -- nix profile install github:Vulnetix/cli
- GitHub Releases -- Go Install, Binary Downloads
- GitHub Marketplace -- GitHub Actions integration