Command Line Interface¶
The Escape CLI provides a set of commands to interact with the Escape platform.
The CLI requires an API key to authenticate with the Escape platform. Set it as an environment variable:
Command Overview¶
The Escape CLI provides the following commands:
COMMAND DESCRIPTION
applications Interact with your escape applications
get Get details about an application current configuration
list List all applications
update-config Update the configuration of an application
update-schema Update the schema of an application
integrations Interact with your escape integrations
apply Update the integration based on a configuration file
delete Delete an integration
get Get integration details
list List all integrations
locations Interact with your escape locations
delete Delete a location
list List all locations
start Start a location
scans View scans results
download Download a scan result exchange archive (zip export)
get Return the scan status
issues List all issues of a scan
list List all scans of an application
start Start a new scan of an application
watch Bind the current terminal to a scan, listen for events and print them to the terminal. Exit when the scan is done.
version Prints the version of the CLI
Applications¶
Interact with your Escape applications.
List Applications¶
List all your Escape applications.
Aliases: ls, app, apps, application
Example Output:
ID TYPE NAME CREATED AT HAS CI CRON
00000000-0000-0000-0000-000000000001 REST Example-Application-1 2025-02-21T11:15:07Z false 0 11 * * 5
00000000-0000-0000-0000-000000000002 REST Example-Application-2 2025-03-12T19:19:08Z false 0 19 * * 3
Get Application¶
Get details about an application's current configuration.
Aliases: describe\ Arguments: application-id (ID of the application)
Example Output:
Name: Example-Application
Id: 00000000-0000-0000-0000-000000000000
CreatedAt: 2025-02-01T13:17:44Z
HasCI: false
Cron: 0 13 * * 6
Configuration:
{"authentication":{"users":[{"name":"public"}]},"scan":{"blocklist":{"routes":[{"method":"POST","path":".*logout.*"},{"method":"POST","path":".*password.*"},{"method":"PUT","path":".*password.*"},{"method":"POST","path":".*2fa.*"},{"method":"POST","path":".*(refresh|revoke).*token.*"},{"method":"DELETE","path":".*user"},{"method":"DELETE","path":".*token.*"},{"method":"PUT","path":".*role.*"},{"method":"PUT","path":".*permissions.*"},{"method":"DELETE","path":".*role.*"},{"method":"DELETE","path":".*permissions.*"},{"method":"GET","path":".*createdb.*"},{"method":"DELETE","path":".*user.*{user(name)?}.*"}]},"profile":"surface","read_only":true}}
Update Application Schema¶
Update the schema of an application based on a configuration file or URL.
Arguments:
application-id(ID of the application)schema-path|schema-url(local file path or URL to the schema)
Examples:
escape-cli applications update-schema 00000000-0000-0000-0000-000000000000 schema.json
escape-cli applications update-schema 00000000-0000-0000-0000-000000000000 schema.yaml
escape-cli applications update-schema 00000000-0000-0000-0000-000000000000 https://example.com/schema.json
Update Application Config¶
Update the configuration of an application based on a configuration file.
Arguments:
application-id(ID of the application)config-path(path to configuration file in YAML or JSON format)
Examples:
escape-cli applications update-config 00000000-0000-0000-0000-000000000000 config.json
escape-cli applications update-config 00000000-0000-0000-0000-000000000000 config.yaml
Manage Integrations¶
Interact with your Escape integrations.
List Integrations¶
List all integrations.
Aliases: ls
Example Output:
ID KIND NAME LOCATION ID
00000000-0000-0000-0000-000000000001 AZURE_DEVOPS Example Azure Integration
00000000-0000-0000-0000-000000000002 KUBERNETES Example K8s Integration 00000000-0000-0000-0000-000000000099
Apply Integration¶
Create or update an integration from a configuration file.
Aliases: create, update\ Arguments: integration-path (path to .yaml or .json config file)
Example JSON file:
{
"data": {
"kind": "AKAMAI",
"parameters": {
"client_secret": "your-secret",
"host": "your-host",
"access_token": "your-token",
"client_token": "your-client-token"
}
},
"name": "Your Integration Name"
}
More about the format: API Reference
Delete Integration¶
Delete an integration.
Aliases: del, remove\ Arguments: integration-id
Example Output:
Get Integration¶
Get detailed information about a specific integration.
Aliases: describe\ Arguments: integration-id
Example Output:
Name: example-github-integration
Id: 00000000-0000-0000-0000-000000000001
LocationId:
Data: {"kind":"GITHUB_API_KEY","parameters":{"api_key":"github_pat_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"}}
Manage Locations¶
Interact with your Escape locations.
List Locations¶
List all locations.
Aliases: ls, loc, location
Example Output:
ID NAME SSH PUBLIC KEY
00000000-0000-0000-0000-000000000001 example-location-1 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI... example1@email.com
00000000-0000-0000-0000-000000000002 example-location-2 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI... example2@email.com
Start Location¶
Start a location by its name.
Arguments: location-name (name of the location to start)
Example Output:
[info] Verbose mode: 0
[info] escape-cli version: Version: 0.1.14, Commit: 05ffe67, BuildDate: 2025-04-25T15:30:54Z
[info] Private location testdoc in sync with Escape Platform, starting location...
[info] Private location ready to accept connections
[info] Connected to k8s API
[info] Handling request from Escape Platform to 127.0.0.1:8001
...
[The command will continue running until interrupted with Ctrl+C]
Delete Location¶
Delete a location by its ID.
Aliases: del, remove\ Arguments: location-id (ID of the location to delete)
Example Output:
Manage Scans¶
Interact with your Escape scans.
List Scans¶
List all scans of an application.
Aliases: ls, sc, scan\ Arguments: application-id (ID of the application)
Example Output:
ID STATUS CREATED AT PROGRESS
00000000-0000-0000-0000-000000000001 FINISHED 2025-02-05 08:34:47.541 +0000 UTC 0.000000
00000000-0000-0000-0000-000000000002 FINISHED 2025-02-02 08:27:23.919 +0000 UTC 0.000000
00000000-0000-0000-0000-000000000003 FINISHED 2025-01-31 18:35:48.477 +0000 UTC 0.000000
00000000-0000-0000-0000-000000000004 FINISHED 2025-01-30 08:25:49.656 +0000 UTC 0.000000
Start Scan¶
Start a new scan of an application.
Arguments: application-id (ID of the application to scan)
Options:
--watch,-w: Watch for scan events and follow progress--commit-hash: Commit hash--commit-link: Commit link--commit-branch: Commit branch--commit-author: Commit author--profile-picture: Commit author profile picture link--override,-c: Configuration override (JSON)
Example:
escape-cli scans start 00000000-0000-0000-0000-000000000000
escape-cli scans start 00000000-0000-0000-0000-000000000000 --commit-hash 1234567890
escape-cli scans start 00000000-0000-0000-0000-000000000000 --override '{"scan": {"read_only": true}}'
Watch Scan¶
Bind the current terminal to a scan, listen for events and print them to the terminal.
Arguments: scan-id (ID of the scan to watch)
Get Scan¶
Get detailed information about a specific scan.
Aliases: describe\ Arguments: scan-id (ID of the scan)
Example Output:
ID STATUS CREATED AT PROGRESS
00000000-0000-0000-0000-000000000001 FINISHED 2024-11-27 08:06:59.576 +0000 UTC 1.000000
Get Scan Issues¶
List all issues of a scan.
Aliases: results, res, result, iss\ Arguments: scan-id (ID of the scan)
Example Output:
ID SEVERITY TYPE CATEGORY NAME IGNORED URL
00000000-0000-0000-0000-000000000001 MEDIUM API PROTOCOL Insecure Security Policy header false https://app.escape.tech/scan/00000000-0000-0000-0000-000000000005/issues/00000000-0000-0000-0000-000000000001/overview/
00000000-0000-0000-0000-000000000002 LOW API INFORMATION_DISCLOSURE Debug mode enabled false https://app.escape.tech/scan/00000000-0000-0000-0000-000000000005/issues/00000000-0000-0000-0000-000000000002/overview/
Download Scan Results¶
Download a scan result exchange archive.
Aliases: dl, zip\ Arguments:
scan-id(ID of the scan)archive-path(path where to save the ZIP file)
Example: