CLI
The Inspect vulnerability scanner can be accessed through a CLI which can be installed and updated from the NPM registry:
#
helpThe help
command prints the current Inspect version and a description of commands that can be run.
#
loginInspect requires an account to use the public Inspect server for executing commands.
Creating an account or authenticating Inspect with an existing account is done by running the login
command:
Authenticating with Inspect stores the login information in ~/.inspect/auth.json
.
This file should be kept safe as it includes the authentication token.
#
logoutThe logout
command deletes the ~/.inspect/auth.json
file.
#
checkThe check
command queues a smart contract for analysis.
Only the compiled version (WebAssembly) of a smart contract is needed, its C++ source code is not required and never uploaded.
#
ArgumentsOption | Description |
---|---|
contract-wasm-path | path to a compiled EOSIO .wasm WebAssembly file |
#
reportsThe reports
command lists all finished analysis reports.
#
Optional ArgumentsIt optionally accepts a single report ID to view instead.
Option | Description |
---|---|
report-id | ID of a report to view |
#
clearThe clear
command deletes previous reports.
#
Optional ArgumentsBy default, the command deletes all reports. It optionally accepts a list of report IDs to delete.
Option | Description |
---|---|
report-ids | A list of report IDs to delete |