CLI
The CLI is included with @roadsidelab/keyspot-sdk — no separate install needed.
npm install @roadsidelab/keyspot-sdk
# The `keyspot` command is available via npx or locally
Commands
keyspot scan
# Scan a directory for secrets
keyspot scan ./src
# Auto-redact secrets in place
keyspot scan ./config --prune
# Git-aware scan (only changed files in last commit)
keyspot scan --git
# JSON output for CI
keyspot scan ./src --json > report.json
keyspot install
Install a pre-commit hook that runs keyspot scan --git.
keyspot install
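A hand-written equivalent of such a hook, as an added example: it is not the file that keyspot install generates and not code from the project. It assumes keyspot scan --git exits non-zero when it finds a secret; the function name write_keyspot_hook and the marker comment are hypothetical.

```shell
#!/bin/sh
# Added example: writes a pre-commit hook that runs `keyspot scan --git`.
# Assumption: keyspot exits non-zero when the scan finds a secret.

HOOK_MARKER="# keyspot-manual-hook"   # hypothetical marker identifying our hook

write_keyspot_hook() {
    repo="${1:-.}"
    hooks_dir="$repo/.git/hooks"      # does not honour a custom core.hooksPath
    hook="$hooks_dir/pre-commit"

    [ -d "$repo/.git" ] || { echo "not a git repository: $repo" >&2; return 2; }
    mkdir -p "$hooks_dir"

    if [ -e "$hook" ]; then
        # Already our hook: nothing to do (idempotent).
        if grep -qF "$HOOK_MARKER" "$hook"; then return 0; fi
        # Another tool's hook: refuse to overwrite it silently.
        echo "existing pre-commit hook left untouched: $hook" >&2
        return 1
    fi

    cat > "$hook" <<EOF
#!/bin/sh
$HOOK_MARKER
# Abort the commit when the scan reports a failure.
npx keyspot scan --git || {
    echo "keyspot: scan failed, commit aborted" >&2
    exit 1
}
EOF
    # Git skips hooks that are not executable.
    chmod +x "$hook"
}
```

Hooks live outside version control, so each clone needs the hook installed again; the CI scan is what covers contributors who have not installed it.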
GitHub Actions
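name: Secret Scan
on: [push, pull_request]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: pnpm/action-setup@v4
      - run: pnpm install
      # --prune redacts files in the runner's checkout only; this workflow
      # has no step that commits the redacted files back to the repository.
      - run: pnpm exec keyspot scan ./src --prune --json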