Skip to content

Command Line Interface

The Escape CLI provides a set of commands to interact with the Escape platform.

The CLI requires an API key to authenticate with the Escape platform. Set it as an environment variable:

export ESCAPE_API_KEY=<YOUR_API_KEY>

Command Overview

The Escape CLI provides the following commands:

COMMAND            DESCRIPTION
applications       Interact with your escape applications
  get              Get details about an application current configuration
  list             List all applications
  update-config    Update the configuration of an application
  update-schema    Update the schema of an application
integrations       Interact with your escape integrations
  apply            Update the integration based on a configuration file
  delete           Delete an integration
  get              Get integration details
  list             List all integrations
locations          Interact with your escape locations
  delete           Delete a location
  list             List all locations
  start            Start a location
scans              View scans results
  download         Download a scan result exchange archive (zip export)
  get              Return the scan status
  issues           List all issues of a scan
  list             List all scans of an application
  start            Start a new scan of an application
  watch            Bind the current terminal to a scan, listen for events and print them to the terminal. Exit when the scan is done.
version            Prints the version of the CLI

Applications

Interact with your Escape applications.


List Applications

List all your Escape applications.

escape-cli applications list

Aliases: ls, app, apps, application

Example Output:

ID                                      TYPE         NAME                                                           CREATED AT              HAS CI    CRON
00000000-0000-0000-0000-000000000001    REST         Example-Application-1                                          2025-02-21T11:15:07Z    false     0 11 * * 5
00000000-0000-0000-0000-000000000002    REST         Example-Application-2                                          2025-03-12T19:19:08Z    false     0 19 * * 3

Get Application

Get details about an application's current configuration.

escape-cli applications get application-id

Aliases: describe\ Arguments: application-id (ID of the application)

Example Output:

Name: Example-Application
Id: 00000000-0000-0000-0000-000000000000
CreatedAt: 2025-02-01T13:17:44Z
HasCI: false
Cron: 0 13 * * 6
Configuration:
{"authentication":{"users":[{"name":"public"}]},"scan":{"blocklist":{"routes":[{"method":"POST","path":".*logout.*"},{"method":"POST","path":".*password.*"},{"method":"PUT","path":".*password.*"},{"method":"POST","path":".*2fa.*"},{"method":"POST","path":".*(refresh|revoke).*token.*"},{"method":"DELETE","path":".*user"},{"method":"DELETE","path":".*token.*"},{"method":"PUT","path":".*role.*"},{"method":"PUT","path":".*permissions.*"},{"method":"DELETE","path":".*role.*"},{"method":"DELETE","path":".*permissions.*"},{"method":"GET","path":".*createdb.*"},{"method":"DELETE","path":".*user.*{user(name)?}.*"}]},"profile":"surface","read_only":true}}

Update Application Schema

Update the schema of an application based on a configuration file or URL.

escape-cli applications update-schema application-id schema-path|schema-url

Arguments:

  • application-id (ID of the application)
  • schema-path|schema-url (local file path or URL to the schema)

Examples:

escape-cli applications update-schema 00000000-0000-0000-0000-000000000000 schema.json
escape-cli applications update-schema 00000000-0000-0000-0000-000000000000 schema.yaml
escape-cli applications update-schema 00000000-0000-0000-0000-000000000000 https://example.com/schema.json

Update Application Config

Update the configuration of an application based on a configuration file.

escape-cli applications update-config application-id config-path

Arguments:

  • application-id (ID of the application)
  • config-path (path to configuration file in YAML or JSON format)

Examples:

escape-cli applications update-config 00000000-0000-0000-0000-000000000000 config.json
escape-cli applications update-config 00000000-0000-0000-0000-000000000000 config.yaml

Manage Integrations

Interact with your Escape integrations.

List Integrations

List all integrations.

escape-cli integrations list

Aliases: ls

Example Output:

ID                                      KIND               NAME                          LOCATION ID
00000000-0000-0000-0000-000000000001    AZURE_DEVOPS       Example Azure Integration     
00000000-0000-0000-0000-000000000002    KUBERNETES         Example K8s Integration        00000000-0000-0000-0000-000000000099

Apply Integration

Create or update an integration from a configuration file.

escape-cli integrations apply integration.yaml

Aliases: create, update\ Arguments: integration-path (path to .yaml or .json config file)

Example JSON file:

{
  "data": {
    "kind": "AKAMAI",
    "parameters": {
      "client_secret": "your-secret",
      "host": "your-host",
      "access_token": "your-token",
      "client_token": "your-client-token"
    }
  },
  "name": "Your Integration Name"
}

More about the format: API Reference


Delete Integration

Delete an integration.

escape-cli integrations delete 00000000-0000-0000-0000-000000000000

Aliases: del, remove\ Arguments: integration-id

Example Output:

Integration deleted

Get Integration

Get detailed information about a specific integration.

escape-cli integrations get 00000000-0000-0000-0000-000000000000

Aliases: describe\ Arguments: integration-id

Example Output:

Name: example-github-integration
Id: 00000000-0000-0000-0000-000000000001
LocationId: 
Data: {"kind":"GITHUB_API_KEY","parameters":{"api_key":"github_pat_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"}}

Manage Locations

Interact with your Escape locations.

List Locations

List all locations.

escape-cli locations list

Aliases: ls, loc, location

Example Output:

ID                                      NAME                       SSH PUBLIC KEY
00000000-0000-0000-0000-000000000001    example-location-1         ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI... example1@email.com
00000000-0000-0000-0000-000000000002    example-location-2         ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI... example2@email.com

Start Location

Start a location by its name.

escape-cli locations start location-name

Arguments: location-name (name of the location to start)

Example Output:

[info] Verbose mode: 0
[info] escape-cli version: Version: 0.1.14, Commit: 05ffe67, BuildDate: 2025-04-25T15:30:54Z
[info] Private location testdoc in sync with Escape Platform, starting location...
[info] Private location ready to accept connections
[info] Connected to k8s API
[info] Handling request from Escape Platform to 127.0.0.1:8001
...
[The command will continue running until interrupted with Ctrl+C]

Delete Location

Delete a location by its ID.

escape-cli locations delete location-id

Aliases: del, remove\ Arguments: location-id (ID of the location to delete)

Example Output:

Location deleted

Manage Scans

Interact with your Escape scans.

List Scans

List all scans of an application.

escape-cli scans list application-id

Aliases: ls, sc, scan\ Arguments: application-id (ID of the application)

Example Output:

ID                                      STATUS      CREATED AT                           PROGRESS
00000000-0000-0000-0000-000000000001    FINISHED    2025-02-05 08:34:47.541 +0000 UTC    0.000000
00000000-0000-0000-0000-000000000002    FINISHED    2025-02-02 08:27:23.919 +0000 UTC    0.000000
00000000-0000-0000-0000-000000000003    FINISHED    2025-01-31 18:35:48.477 +0000 UTC    0.000000
00000000-0000-0000-0000-000000000004    FINISHED    2025-01-30 08:25:49.656 +0000 UTC    0.000000

Start Scan

Start a new scan of an application.

escape-cli scans start application-id [flags]

Arguments: application-id (ID of the application to scan)

Options:

  • --watch, -w: Watch for scan events and follow progress
  • --commit-hash: Commit hash
  • --commit-link: Commit link
  • --commit-branch: Commit branch
  • --commit-author: Commit author
  • --profile-picture: Commit author profile picture link
  • --override, -c: Configuration override (JSON)

Example:

escape-cli scans start 00000000-0000-0000-0000-000000000000
escape-cli scans start 00000000-0000-0000-0000-000000000000 --commit-hash 1234567890
escape-cli scans start 00000000-0000-0000-0000-000000000000 --override '{"scan": {"read_only": true}}'

Watch Scan

Bind the current terminal to a scan, listen for events and print them to the terminal.

escape-cli scans watch scan-id

Arguments: scan-id (ID of the scan to watch)


Get Scan

Get detailed information about a specific scan.

escape-cli scans get scan-id

Aliases: describe\ Arguments: scan-id (ID of the scan)

Example Output:

ID                                      STATUS      CREATED AT                           PROGRESS
00000000-0000-0000-0000-000000000001    FINISHED    2024-11-27 08:06:59.576 +0000 UTC    1.000000

Get Scan Issues

List all issues of a scan.

escape-cli scans issues scan-id

Aliases: results, res, result, iss\ Arguments: scan-id (ID of the scan)

Example Output:

ID                                      SEVERITY    TYPE    CATEGORY                  NAME                                         IGNORED    URL
00000000-0000-0000-0000-000000000001    MEDIUM      API     PROTOCOL                  Insecure Security Policy header              false      https://app.escape.tech/scan/00000000-0000-0000-0000-000000000005/issues/00000000-0000-0000-0000-000000000001/overview/
00000000-0000-0000-0000-000000000002    LOW         API     INFORMATION_DISCLOSURE    Debug mode enabled                           false      https://app.escape.tech/scan/00000000-0000-0000-0000-000000000005/issues/00000000-0000-0000-0000-000000000002/overview/

Download Scan Results

Download a scan result exchange archive.

escape-cli scans download scan-id archive-path

Aliases: dl, zip\ Arguments:

  • scan-id (ID of the scan)
  • archive-path (path where to save the ZIP file)

Example:

escape-cli scans download 00000000-0000-0000-0000-000000000000 ./exchanges.zip