CLI

Scan and fix from the terminal with the olydi CLI.

olydi CLI

The CLI is the fastest way to run a scan and inspect the loop locally before wiring OLYDI into CI. It reads the repository at the current working directory and writes findings as SARIF.

Install

npm install -g @olydi/cli
# or run without installing
npx @olydi/cli scan

Scan

olydi scan walks the repository, fingerprints the stack, and runs the applicable detectors. Findings are written to SARIF and printed as a summary.

npx @olydi/cli scan
# Scan complete. 247 findings across 8 categories.
# SARIF written to olydi.sarif.

The scan is read-only. It never mutates the working tree.

Fix

olydi fix is the autonomous remediation pass. It opens a pull request per cleared finding rather than committing to your branch directly, and every PR clears the gate wall plus your own CI before it reaches review.

npx @olydi/cli fix --finding <id>
# Opens a pull request with the proposed change and its evidence chain.

Every fix is gated by the deterministic verification wall before a pull request is opened. The verdict is min(deterministic_floor, llm_verdict) — the deterministic floor always wins on disagreement.

Exit codes

Identifiers and exit codes are stable for scripting:

  • 0 — scan complete, no findings above the configured severity gate.
  • 1 — findings above the gate.
  • 2 — scan could not complete (configuration or access error).