Run Scans in CLI using Akto

You can run Akto scanning module via CLI for local probing of agent components.

When to Use

Run Akto probes locally on any agent collection
Results from CLI are NOT saved in Akto dashboard
Best used when developers want to run probes locally before committing code
Override application host URL to localhost or different staging URL

How to Use

Prepare the following environment variables:

AKTO_API_KEY - Go to My accounts > Settings > Integrations > Akto API > Generate token
AKTO_DASHBOARD_URL - URL of your dashboard
TEST_IDS - Space-separated list of test IDs to run (e.g., PROMPT_INJECTION MCP_AUTH_BYPASS) or ALL for all tests
API_COLLECTION_NAME - Collection name to test (e.g., agent_collection)
API_COLLECTION_ID - Collection ID (integer). Only one of API_COLLECTION_NAME or API_COLLECTION_ID is required
TEST_APIS - Space-separated list of components to test. If absent, all components are selected
OVERRIDE_APP_URL - Change the application host for testing
OUTPUT_LEVEL - Output level:
- NONE - No output file
- SUMMARY - [Default] Probes executed and list of vulnerable components
- DETAILED - Summary plus probe descriptions and impact
- DEBUG - Detailed output with original and attempt request/response

Example CLI:

docker run -v ${PWD}:/out \
   -e AKTO_DASHBOARD_URL=https://your.dashboard.url \
   -e TEST_IDS=PROMPT_INJECTION \
   -e API_COLLECTION_ID=1689063104 \
   -e AKTO_API_KEY=your_api_key \
   -e OUTPUT_LEVEL=DETAILED \
   aktosecurity/akto-api-testing-cli:latest

Results

Short summary (Component, Vulnerability, Severity) printed on command line
File output.txt contains probe details based on output level
If you see version mismatch error, match release version of dashboard vs probing-cli

Limitations

Results are not saved in Akto dashboard
Probes which use context will be skipped

PreviousConduct Role-Based Scanning NextCreate and Edit Auth Types

Last updated 2 months ago