AquilaX CLI

AquilaX CLI is a command-line interface for the AquilaX Application Security Platform

Supported Python Versions: 3.6+

Installation

Via PyPI

pip install aquilax

From Source

git clone https://github.com/AquilaX-AI/AquilaX-Client.git
cd AquilaX-Client
pip install -e .

Verification

aquilax --version

Authentication

aquilax login <token>

For self-hosted instances:

aquilax login <token> --server <url>

Parameters:

<token>: API authentication token
--server: (Optional) Server URL (default: https://aquilax.ai)

Logout

aquilax logout

Configuration

Set Default Organization

aquilax --set-org <org_id>

Set Default Group

aquilax --set-group <group_id>

Configuration File Location

Linux/macOS: ~/.aquilax/config.json
Windows: %USERPROFILE%\.aquilax\config.json

Structure:

{
  "apiToken": "your_api_token",
  "baseUrl": "https://aquilax.ai",
  "org_id": "507f1f77bcf86cd799439011",
  "group_id": "507f1f77bcf86cd799439012"
}

Available Scanners

Scanner

Function

PII Scanner

Detects personally identifiable information

Secret Scanner

Identifies exposed credentials and API keys

IaC Scanner

Analyzes Infrastructure as Code configurations

SAST Scanner

Static application security testing

SCA Scanner

Software composition analysis for dependencies

Container Scanner

Container security analysis

Image Scanner

Docker image scanning

CI/CD Scanner

Pipeline configuration security review

Commands

scan

Initiate a security scan on a Git repository.

aquilax scan <git_uri> [options]

Options:

Flag

Description

Default

--scanners

Scanners to execute

All scanners

--branch

Target branch

main

--sync

Real-time monitoring

Disabled

--format

Output format: json or table

table

Examples:

# All scanners, default branch
aquilax scan https://github.com/org/repo

# Specific branch with sync
aquilax scan https://github.com/org/repo --branch develop --sync

# Specific scanners only
aquilax scan https://github.com/org/repo --scanners secret_scanner sast_scanner

# JSON output
aquilax scan https://github.com/org/repo --format json

ci-scan

CI/CD-optimized scanning with policy enforcement.

aquilax ci-scan <git_uri> [options]

Options:

Flag

Description

Default

--org-id

Organization ID

Configured default

--group-id

Group ID

Configured default

--branch

Target branch

main

--sync

Real-time monitoring

Disabled

--fail-on-vulns

Exit non-zero if vulnerabilities found

Disabled

--format

Output format: json or table

table

--output-dir

PDF report directory

Current directory

--save-pdf

Save PDF report

Disabled

Examples:

# Basic scan
aquilax ci-scan https://github.com/org/repo

# Fail build on vulnerabilities
aquilax ci-scan https://github.com/org/repo --fail-on-vulns

# Override org/group
aquilax ci-scan https://github.com/org/repo \
  --org-id 507f1f77bcf86cd799439011 \
  --group-id 507f1f77bcf86cd799439012

pull

Retrieve scan results by ID.

aquilax pull <scan_id> [options]

Options:

Flag

Description

Default

--org-id

Organization ID

Configured default

--group-id

Group ID

Configured default

--format

Output format: json or table

table

Example:

aquilax pull 507f1f77bcf86cd799439013 --format json

get orgs

List accessible organizations.

aquilax get orgs

get groups

List groups within an organization.

aquilax get groups [--org-id <org_id>]

get scan-details

Retrieve detailed scan information.

aquilax get scan-details --scan-id <scan_id> [options]

Options:

Flag

Description

Default

--org-id

Organization ID

Configured default

--group-id

Group ID

Configured default

--format

Output format: json or table

table

Output Formats

Table Format

╭─────────────────┬──────────────────────┬─────────────────────────┬──────────┬─────────┬────────╮
│ Scanner         │ Path                 │ Vulnerability           │ Severity │ CWE     │ OWASP  │
├─────────────────┼──────────────────────┼─────────────────────────┼──────────┼─────────┼────────┤
│ secret_scanner  │ config/database.yml  │ Hardcoded API Key       │ HIGH     │ CWE-798 │ A02    │
│ sast_scanner    │ app/controllers/...  │ SQL Injection           │ CRITICAL │ CWE-89  │ A03    │
╰─────────────────┴──────────────────────┴─────────────────────────┴──────────┴─────────┴────────╯

JSON Format

{
  "scan_id": "507f1f77bcf86cd799439013",
  "status": "COMPLETED",
  "findings": [
    {
      "scanner": "secret_scanner",
      "path": "config/database.yml",
      "vuln": "Hardcoded API Key",
      "severity": "HIGH",
      "cwe": ["CWE-798"],
      "owasp": ["A02"]
    }
  ]
}

Security Policy Enforcement

Security policies are configured at the group level. Scans fail when vulnerability counts exceed defined thresholds.

Threshold Types:

total: Maximum total vulnerabilities
CRITICAL: Maximum critical severity findings
HIGH: Maximum high severity findings
MEDIUM: Maximum medium severity findings
LOW: Maximum low severity findings

Example:

Security Policy Thresholds:
  - total: 10
  - CRITICAL: 0
  - HIGH: 2
  - MEDIUM: 5
  - LOW: 10

When thresholds are exceeded:

Thresholds exceeded: CRITICAL (2) > 0; HIGH (5) > 2
Pipeline failed due to security policy violations.

CI/CD Integration

GitHub Actions

name: Security Scan
on: [push]

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Run AquilaX Scan
        run: |
          pip install aquilax
          aquilax login ${{ secrets.AQUILAX_TOKEN }}
          aquilax ci-scan ${{ github.repository }} --fail-on-vulns

GitLab CI

security_scan:
  stage: test
  script:
    - pip install aquilax
    - aquilax login $AQUILAX_TOKEN
    - aquilax ci-scan $CI_REPOSITORY_URL --branch $CI_COMMIT_BRANCH --fail-on-vulns

Jenkins

stage('Security Scan') {
    steps {
        sh 'pip install aquilax'
        sh 'aquilax login ${AQUILAX_TOKEN}'
        sh 'aquilax ci-scan ${GIT_URL} --fail-on-vulns --format json > scan-results.json'
    }
}

Azure DevOps

- task: CmdLine@2
  inputs:
    script: |
      pip install aquilax
      aquilax login $(AQUILAX_TOKEN)
      aquilax ci-scan $(Build.Repository.Uri) --fail-on-vulns

Troubleshooting

Module Import Errors

Issue: ModuleNotFoundError: No module named 'aquilax'

Resolution:

pip install aquilax
source venv/bin/activate  # Linux/macOS
venv\Scripts\activate     # Windows

Authentication Errors

Issue: 401 Unauthorized

Resolution:

aquilax logout
aquilax login <correct_token>

Repository Access Errors

Causes:

Incorrect repository URL
Insufficient access permissions
Invalid branch name

Resolution:

Verify repository URL
Confirm platform has repository access
Check branch exists: git branch -a

Connection Issues

Resolution:

# Verify server URL
aquilax login <token> --server https://correct-url.com

# Test connectivity
curl https://your-server.com/health

Environment Variables

export AQUILAX_SERVER="https://your-instance.com"

Support

Email: [email protected]
Website: https://aquilax.ai
Documentation: https://docs.aquilax.ai
Issues: https://github.com/AquilaX-AI/AquilaX-Client/issues

More Details

You can simple type aquilax -h for more details or you can visit the open source repo of the CLI here: https://github.com/AquilaX-AI/AquilaX-Client

If you find any issue or any suggestion for improvement, we love to hear from you: https://uptime.betterstack.com/report/QK1Vyg2gkGYXXe8YDePQpuyX

PreviousDevTools NextCI/CD

Last updated 14 days ago

hashtagInstallation

hashtagVia PyPI

hashtagFrom Source

hashtagVerification

hashtagAuthentication

hashtagLogin

hashtagLogout

hashtagConfiguration

hashtagSet Default Organization

hashtagSet Default Group

hashtagConfiguration File Location

hashtagAvailable Scanners

hashtagCommands

hashtagscan

hashtagci-scan

hashtagpull

hashtagget orgs

hashtagget groups

hashtagget scan-details

hashtagOutput Formats

hashtagTable Format

hashtagJSON Format

hashtagSecurity Policy Enforcement

hashtagCI/CD Integration

hashtagGitHub Actions

hashtagGitLab CI

hashtagJenkins

hashtagAzure DevOps

hashtagTroubleshooting

hashtagModule Import Errors

hashtagAuthentication Errors

hashtagRepository Access Errors

hashtagConnection Issues

hashtagEnvironment Variables

hashtagSupport

hashtagMore Details

Installation

Via PyPI

From Source

Verification

Authentication

Login

Logout

Configuration

Set Default Organization

Set Default Group

Configuration File Location

Available Scanners

Commands

scan

ci-scan

pull

get orgs

get groups

get scan-details

Output Formats

Table Format

JSON Format

Security Policy Enforcement

CI/CD Integration

GitHub Actions

GitLab CI

Jenkins

Azure DevOps

Troubleshooting

Module Import Errors

Authentication Errors

Repository Access Errors

Connection Issues

Environment Variables

Support

More Details