Cli Overview
The BlockSecOps CLI provides command-line access to smart contract security scanning. --- - Scan contracts from the terminal - Multiple output formats: Table,...
Last updated: January 14, 2026
CLI Overview
The BlockSecOps CLI provides command-line access to smart contract security scanning.
Features
- Scan contracts from the terminal
- Multiple output formats: Table, JSON, SARIF, JUnit
- CI/CD integration: Exit codes and machine-readable output
- Pre-commit hooks: Catch issues before commit
- Secure credential storage: API keys stored in system keyring
Installation
Via pip (recommended)
pip install blocksecops-cli
Via pipx (isolated environment)
pipx install blocksecops-cli
From source
git clone https://github.com/blocksecops/blocksecops-cli
cd blocksecops-cli
pip install -e .
Verify installation
blocksecops version
Quick Start
1. Authenticate
blocksecops auth login
You'll be prompted for your API key. Get one from Settings > API Keys in the dashboard.
2. Scan a contract
blocksecops scan run contract.sol
3. View results
Results display in a formatted table by default:
┌──────────────────────────────────────────────────────────────────────────────┐
│ Scan Summary │
│ │
│ Status: COMPLETED │
│ Vulnerabilities: 5 │
│ 2 Critical 1 High 2 Medium │
│ │
│ Scanners: slither, aderyn, mythril │
│ Duration: 45.2s │
└──────────────────────────────────────────────────────────────────────────────┘
Vulnerabilities
┏━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━┓
┃ Severity ┃ Title ┃ Location ┃ Scanner ┃
┡━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━┩
│ CRITICAL │ Reentrancy vulnerability │ Vault.sol:45 │ slither │
│ CRITICAL │ Unchecked external call │ Vault.sol:52 │ aderyn │
│ HIGH │ Missing access control │ Admin.sol:12 │ slither │
│ MEDIUM │ Floating pragma │ Token.sol:1 │ solhint │
│ MEDIUM │ Missing zero check │ Token.sol:23 │ aderyn │
└──────────┴──────────────────────────┴──────────────────────┴───────────┘
Commands Overview
| Command | Description |
|---|---|
blocksecops auth login |
Authenticate with API key |
blocksecops auth logout |
Remove stored credentials |
blocksecops auth whoami |
Show current user |
blocksecops auth status |
Check connection status |
blocksecops scan run <path> |
Scan a contract file |
blocksecops scan status <id> |
Check scan status |
blocksecops scan results <id> |
Get scan results |
blocksecops scan list |
List recent scans |
blocksecops version |
Show CLI version |
See CLI Commands for detailed documentation.
Output Formats
| Format | Use Case | Flag |
|---|---|---|
| table | Human-readable terminal output | --output table (default) |
| json | Machine-readable, scripting | --output json |
| sarif | GitHub/GitLab code scanning | --output sarif |
| junit | CI test reporting | --output junit |
See Output Formats for details.
CI/CD Integration
The CLI is designed for CI/CD pipelines:
# GitHub Actions example
- name: Security Scan
run: |
pip install blocksecops-cli
blocksecops scan run ./contracts \
--output sarif \
--output-file results.sarif \
--fail-on high
- name: Upload SARIF
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: results.sarif
See CI/CD Integration for pipeline examples.
Pre-Commit Hooks
Block commits with security issues:
# .pre-commit-config.yaml
repos:
- repo: https://github.com/blocksecops/blocksecops-cli
rev: v0.1.0
hooks:
- id: blocksecops-scan
See Pre-Commit Hooks for setup details.
Environment Variables
| Variable | Description |
|---|---|
BLOCKSECOPS_API_KEY |
API key (overrides stored key) |
BLOCKSECOPS_API_URL |
Custom API URL |
BLOCKSECOPS_FAIL_ON |
Default severity threshold |
CI |
Enables CI mode (no color, minimal output) |
Requirements
- Python 3.10 or higher
- Network access to BlockSecOps API
- Valid API key
Next Steps
- CLI Configuration - Configure the CLI
- CLI Commands - Command reference
- Output Formats - Format options
- Pre-Commit Hooks - Git integration