Skip to content

security

Run a staged infrastructure security scan across the current estate.

The security command inventories internet-facing surfaces, probes likely APIs safely, checks for exploitable misconfigurations and secret leaks, and builds attack vectors an operator can validate manually.

Usage

bash
clanker security [question] [flags]

Examples

bash
clanker security "what public surfaces are risky?"
clanker security "check exposed admin panels" --profile prod
clanker security "look for exploitable storage mistakes" --gcp-project my-project
clanker security "review AKS and public endpoints" --azure-subscription <subscription-id>

Flags

FlagDescription
--profileAWS profile for provider-side security helpers
--gcp-projectGCP project ID for provider-side security helpers
--azure-subscriptionAzure subscription ID for provider-side security helpers
--workspaceTerraform workspace for provider-side security helpers

Scope

Use this command for defensive review and validation. It is designed to combine cloud inventory, Terraform context, and safe probes; destructive exploitation remains outside the automatic flow.