Overview

The /scan command performs fast static analysis security testing on source code repositories using Semgrep. It’s an alias for /raptor-scan and provides quick vulnerability detection for common security issues.

Syntax

python3 raptor.py scan --repo <path> [options]

Parameters

--repo (string, required)
    Absolute path to the code repository to scan.

--policy_groups (string)
    Comma-separated list of policy groups (e.g., secrets,owasp).

--max-findings (integer)
    Maximum number of findings to analyze (default: unlimited).

What It Does

  1. Runs Semgrep static analysis with OWASP and security rulesets
  2. Generates SARIF output files with vulnerability findings
  3. Saves results to out/ directory
  4. Provides quick feedback on common security issues

Examples

Basic Scan

python3 raptor.py scan --repo /path/to/code
Scans the repository with the full default ruleset, with no policy group filter applied.

Targeted Policy Scan

python3 raptor.py scan --repo /path/to/code --policy_groups secrets,owasp
Focuses on secrets detection and OWASP vulnerabilities.

Limited Findings

python3 raptor.py scan --repo /path/to/code --max-findings 20
Stops after finding 20 vulnerabilities for quick triage.

Output Structure

out/scan_<timestamp>/
├── findings.sarif       # SARIF format findings
├── report.md           # Human-readable report
└── findings-summary.json

Use Cases

  • Quick security audit of codebases
  • Pre-commit security checks
  • Initial vulnerability discovery
  • Identifying low-hanging fruit

Related Commands

  • /codeql: Deeper static analysis with dataflow validation
  • /agentic: Full autonomous workflow including scan + analysis + exploit generation
  • /analyze: LLM-based analysis of scan results
  • /validate: Validate exploitability of findings

Notes

  • Always use absolute paths for repositories
  • Semgrep is faster than CodeQL but may miss complex dataflow issues
  • For comprehensive analysis, use /agentic instead
  • Results are saved in SARIF format for tool integration
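The following is an added example of consuming the findings.sarif file described under Output Structure; it is not part of raptor and does not reproduce its report or summary format. It reads a SARIF 2.1.0 document of the shape Semgrep emits, flattens each result into a plain finding, applies the SARIF rule for a missing result level (fall back to the rule's defaultConfiguration, else "warning"), and builds a summary capped at a maximum number of findings, keeping the most severe first. The embedded SARIF document, its rule ids, paths and messages are constructed for the example; to run it against a real scan, replace SAMPLE_SARIF with the contents of out/scan_<timestamp>/findings.sarif.

```python
import json
from collections import Counter
from typing import Any, Optional

# SARIF severity levels, most severe first; used so that a cap such as
# --max-findings keeps the worst findings rather than the first N in file order.
LEVEL_RANK = {"error": 0, "warning": 1, "note": 2, "none": 3}

# Constructed sample findings.sarif in the SARIF 2.1.0 shape Semgrep emits.
# Rule ids, file paths and messages are made up for this example.
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "semgrep", "rules": [
            {"id": "python.sql.injection",
             "shortDescription": {"text": "SQL built with string formatting"},
             "defaultConfiguration": {"level": "error"}},
            {"id": "secrets.hardcoded-key",
             "shortDescription": {"text": "Hardcoded API key"},
             "defaultConfiguration": {"level": "warning"}},
        ]}},
        "results": [
            {"ruleId": "python.sql.injection", "level": "error",
             "message": {"text": "Query built from request data"},
             "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/db.py"},
                                                 "region": {"startLine": 42}}}]},
            # No "level" on this result: SARIF says use the rule's default level.
            {"ruleId": "secrets.hardcoded-key",
             "message": {"text": "API key literal in source"},
             "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/config.py"},
                                                 "region": {"startLine": 7}}}]},
            {"ruleId": "python.sql.injection", "level": "error",
             "message": {"text": "Query built from request data"},
             "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/reports.py"},
                                                 "region": {"startLine": 118}}}]},
        ],
    }],
})


def load_sarif(text: str) -> dict[str, Any]:
    """Parse SARIF JSON and reject anything that is not SARIF 2.1.0 with at least one run."""
    doc = json.loads(text)
    if doc.get("version") != "2.1.0" or not doc.get("runs"):
        raise ValueError("not a SARIF 2.1.0 document with runs")
    return doc


def normalize_findings(doc: dict[str, Any]) -> list[dict[str, Any]]:
    """Flatten every result across all runs into one plain dict per finding."""
    findings: list[dict[str, Any]] = []
    for run in doc["runs"]:
        # Index the rule metadata so each result can be joined to its title and default level.
        rules = {r["id"]: r for r in run.get("tool", {}).get("driver", {}).get("rules", [])}
        for res in run.get("results", []):
            rule = rules.get(res.get("ruleId"), {})
            level = res.get("level") or rule.get("defaultConfiguration", {}).get("level", "warning")
            loc = (res.get("locations") or [{}])[0].get("physicalLocation", {})
            findings.append({
                "rule": res.get("ruleId", "<unknown>"),
                "title": rule.get("shortDescription", {}).get("text", ""),
                "level": level,
                "file": loc.get("artifactLocation", {}).get("uri", "<unknown>"),
                "line": loc.get("region", {}).get("startLine"),
                "message": res.get("message", {}).get("text", ""),
            })
    return findings


def summarize(findings: list[dict[str, Any]], max_findings: Optional[int] = None) -> dict[str, Any]:
    """Count findings by level and rule; keep at most max_findings, most severe first."""
    ordered = sorted(findings, key=lambda f: LEVEL_RANK.get(f["level"], 99))
    kept = ordered if max_findings is None else ordered[:max_findings]
    return {
        "total": len(findings),
        "by_level": dict(Counter(f["level"] for f in findings)),
        "by_rule": dict(Counter(f["rule"] for f in findings)),
        "findings": kept,
    }


if __name__ == "__main__":
    summary = summarize(normalize_findings(load_sarif(SAMPLE_SARIF)), max_findings=2)
    print(json.dumps(summary, indent=2))
```

The counts in the summary always reflect the whole file, so a capped triage view still tells you how much was left out; only the findings list is truncated.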