CLI Reference
xa-v scan
Run a security scan against your API.
xa-v scan [target] [options]
Arguments
| Argument | Description |
|---|---|
| target | Path to OpenAPI spec file or URL of running API |
Options
| Flag | Default | Description |
|---|---|---|
| --mode | quick | Scan mode: quick or full |
| --output | table | Output format: table, json, jsonl |
| --endpoint | — | Scan a single endpoint (e.g. GET /users/:id) |
| --risk | — | Filter by risk level: high, medium, low, info |
| --format | — | Spec format: json, yaml (auto-detected) |
| --timeout | 300 | Scan timeout in seconds |
| --help | — | Show help message |
Examples
Scan a spec file:
xa-v scan ./openapi.yaml
Full scan with JSON output:
xa-v scan https://api.example.com --mode full --output json
Scan a single endpoint:
xa-v scan ./spec.yaml --endpoint "GET /users/:id"
xa-v --version
Print the installed version.
xa-v --version
xa-v --help
Show the help message with all commands and options.
xa-v --help