Documentation

Sentinel CLI is a production-ready, AI-augmented command-line security scanner designed for ethical hackers, security engineers, and developers. It replaces traditional slow, GUI-dependent scanners with a blazing-fast terminal experience that delivers real vulnerability data in under 90 seconds.

DAST Scanning

Tests live web applications for 11 vulnerability categories in parallel.

AI Patch Engine

Generates copy-paste ready code fixes using OpenRouter-powered LLMs.

System Architecture

The tool combines a pure-Python parallel attack engine with an OpenRouter-powered AI layer, enabling not just vulnerability detection but also automated patch generation and conversational security analysis.

  • CLI Layer: Built with Typer and prompt_toolkit for a rich REPL experience.
  • Attack Engine: Uses ThreadPoolExecutor for 8-way parallel vulnerability checks.
  • Intelligence Layer: Context-aware AI brain for remediation analysis.
  • Data Layer: Local JSON-based scan storage at ~/.sentinel/scans/.
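
The Attack Engine bullet describes independent checks fanned out over a ThreadPoolExecutor with eight workers. The sketch below is an added example, not Sentinel's own code: it runs passive response-header checks in such a pool and records a crashing check without aborting the rest. The check functions, `run_checks`, and the sample response are hypothetical and constructed for illustration.

```python
from concurrent.futures import ThreadPoolExecutor, as_completed

# Constructed sample response (not captured from a real target).
SAMPLE = {
    "url": "https://app.example.test/login",
    "headers": {"Content-Type": "text/html", "Set-Cookie": "session=abc123; Path=/"},
}

def _hdr(resp, name):
    """Case-insensitive header lookup."""
    return next((v for k, v in resp["headers"].items() if k.lower() == name.lower()), None)

def check_hsts(resp):
    if resp["url"].startswith("https://") and _hdr(resp, "Strict-Transport-Security") is None:
        return "Strict-Transport-Security header missing"

def check_csp(resp):
    if _hdr(resp, "Content-Security-Policy") is None:
        return "Content-Security-Policy header missing"

def check_cookie_flags(resp):
    cookie = _hdr(resp, "Set-Cookie")
    if cookie:
        attrs = {p.strip().split("=")[0].lower() for p in cookie.split(";")[1:]}
        missing = sorted({"secure", "httponly"} - attrs)
        if missing:
            return "cookie missing attributes: " + ", ".join(missing)

def check_broken(resp):
    raise RuntimeError("simulated check failure")  # stands in for a crashing check

def run_checks(resp, checks, workers=8):
    """Run all checks in an 8-worker pool; a failing check is recorded, not fatal."""
    findings, errors = {}, {}
    with ThreadPoolExecutor(max_workers=workers) as pool:
        futures = {pool.submit(c, resp): c.__name__ for c in checks}
        for fut in as_completed(futures):
            name = futures[fut]
            try:
                result = fut.result()
            except Exception as exc:
                errors[name] = str(exc)
            else:
                if result:
                    findings[name] = result
    return findings, errors

if __name__ == "__main__":
    print(run_checks(SAMPLE, [check_hsts, check_csp, check_cookie_flags, check_broken]))
```

Keying results by check name keeps the output stable even though `as_completed` yields futures in whatever order the threads finish.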

NPM Installation

The fastest way to install Sentinel globally on Windows, macOS, or Linux.

1. Install Package

npm install -g sentinel-security

2. Set API Key

Sentinel requires an OpenRouter API key for AI features.

# macOS / Linux
export OPENROUTER_API_KEY="sk-or-your-key-here"

# Windows (PowerShell)
$env:OPENROUTER_API_KEY="sk-or-your-key-here"

3. Verify

sentinel doctor

Docker Installation

The Docker version is the most powerful, bundling OWASP ZAP and Nuclei pre-configured.

1. Build Image

git clone https://github.com/your-repo/sentinel-cli.git
cd sentinel-cli
docker build -t sentinel-security:latest .

2. Run Container

docker run -it -e OPENROUTER_API_KEY=your-key sentinel-security

From Source

For developers who want to contribute or customize the attack engine.

git clone https://github.com/your-repo/sentinel-cli.git
cd sentinel-cli
pip install -e .
sentinel

Command Reference

Command               Description
scan --url <url>      Launch a new security scan
patches               Generate AI code fixes for last scan
chat                  Interactive AI session about findings
compare <id1> <id2>   Diff two scan reports
history               List all saved scans
doctor                Run system health check

Troubleshooting

sentinel: command not found

Ensure you installed with the -g flag and your npm global bin directory is in your PATH.

Missing API Key

AI features will fail without OPENROUTER_API_KEY. Get one at openrouter.ai/keys and set it in your environment.

ZAP connection error

In Docker, ZAP takes ~30s to start. If scanning fails immediately, wait a moment and retry the scan command.