CLI reference

30 commands across 5 categories. Install with npm i -g @tar_9897/certus-ai

Quick start

$ npm install -g @tar_9897/certus-ai

$ certus init

$ certus login

$ certus scan

# View results in the dashboard

$ certus dashboard

Scanners

All 5 scanners run in parallel via Promise.allSettled. Results are aggregated into a single evidence pack.

Test coverage
Analyzes test runner output for coverage metrics
Jest, Vitest, pytest, Go test

SAST
Static analysis for security vulnerabilities
Semgrep rules, custom patterns

SBOM
Software bill of materials generation and analysis
SPDX, CycloneDX, SLSA provenance

IaC
Infrastructure-as-code compliance checking
Terraform, CloudFormation, Kubernetes

Secrets
Secret and credential detection
Regex patterns, entropy analysis
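
The parallel run described above, sketched as an added example (not Certus's own code): because Promise.allSettled never rejects, the aggregator has to record a crashed scanner as an error rather than as zero findings. The scanner bodies, the pack shape, and the gate function are assumptions made for illustration.

```javascript
// Scanner names follow the page; the bodies are constructed stand-ins.
const scanners = {
  coverage: async () => [],
  sast: async () => [{ id: "constructed-sast-1", severity: "high" }],
  sbom: async () => [],
  iac: async () => { throw new Error("terraform binary not found"); },
  secrets: async () => [],
};

// Turn allSettled outcomes into one pack (hypothetical shape).
// A rejected scanner is kept as status "error", never as "no findings".
function aggregate(names, settled) {
  const results = names.map((name, i) => {
    const s = settled[i];
    if (s.status === "fulfilled") {
      return { scanner: name, status: "ok", findings: s.value };
    }
    const error = String((s.reason && s.reason.message) || s.reason);
    return { scanner: name, status: "error", findings: [], error };
  });
  const failed = results.filter((r) => r.status === "error").map((r) => r.scanner);
  const findings = results.flatMap((r) =>
    r.findings.map((f) => ({ ...f, scanner: r.scanner })));
  return { complete: failed.length === 0, failed, findings, results };
}

async function runAll(registry) {
  const names = Object.keys(registry);
  // Promise.resolve().then(...) also captures a scanner that throws synchronously.
  const settled = await Promise.allSettled(
    names.map((n) => Promise.resolve().then(registry[n])));
  return aggregate(names, settled);
}

// Fail closed: an incomplete pack must not be treated as a clean one.
function gate(pack) {
  if (!pack.complete) return "fail: scanners errored: " + pack.failed.join(", ");
  return pack.findings.some((f) => f.severity === "high")
    ? "fail: high-severity findings"
    : "pass";
}

runAll(scanners).then((pack) => console.log(gate(pack)));
```

With the constructed scanners above, the gate reports the errored IaC scanner before it considers the SAST finding, so a missing tool cannot produce a passing result.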

Core

scan
Run all 5 scanners, compute grade, sign evidence pack, optionally sync to API
certus scan [--format json|table] [--no-sync]

verify
Verify an existing evidence pack signature
certus verify <pack-id>

init
Initialize Certus in the current repository
certus init

risk
Compute risk score for the current repository
certus risk

fix
Auto-fix findings using the fixer registry
certus fix [--dry-run]

Configuration

config
View or set configuration values
certus config [key] [value]

login
Authenticate with the Certus platform
certus login

status
Show authentication and workspace status
certus status [--workspace]

ping
Test connectivity to the Certus API
certus ping

Compliance

evidence
Generate and manage evidence packs
certus evidence [--framework soc-2|hipaa|pci]

blueprint
Run compliance blueprints against the repository
certus blueprint [slug]

policy
Evaluate and enforce policy rules
certus policy [--strict]

audit
Generate audit-ready reports
certus audit [--format html|json]

attest
Create a signed attestation for a framework
certus attest --framework <name>

Analysis

runback
Re-run historical scans for trend analysis
certus runback [--count N]

history
View scan history for the current repository
certus history [--limit N]

dashboard
Open the web dashboard
certus dashboard

compare
Compare two scan results
certus compare <run1> <run2>

drift
Detect compliance drift between runs
certus drift

benchmark
Benchmark repository against industry standards
certus benchmark

explain
Explain a finding or control mapping
certus explain <finding-id>

cost
Estimate remediation cost for open findings
certus cost

export
Export evidence in multiple formats
certus export [--format json|pdf|sbom]

Diagnostics

doctor
Check system dependencies and configuration
certus doctor

logs
View recent CLI logs
certus logs [--tail N]

diagnostics
Generate a diagnostic bundle for support
certus diagnostics