scan

Run a security scan against a target endpoint.

Usage

bash

agentprey scan --target <url> --category prompt-injection

Flag	Type	Default	Notes
--target	string	none	Target HTTP endpoint URL. Required unless [target].endpoint is present in --config.
--header	repeatable string	[]	Additional request header in KEY: VALUE format. Repeat the flag for multiple headers.
--timeout-seconds	u64	30	Per-request timeout in seconds.
--vectors-dir	path	vectors	Directory containing vector YAML files.
--category	string	all	Optional category filter, for example prompt-injection.
--json-out	path	none	Write JSON scan artifact to this path.
--html-out	path	none	Write HTML scan artifact to this path.
--config	path	none	Load .toml project config. CLI flags still override config values.
--retries	u32	2	Retry attempts for transient request failures.
--retry-backoff-ms	u64	250	Base retry backoff in milliseconds.
--max-concurrent	usize	2	Maximum vectors executed concurrently. Values below 1 are clamped to 1.
--rate-limit-rps	u32	10	Global request rate limit (requests per second). Values below 1 are clamped to 1.
--redact-responses	bool flag	enabled by default	Explicitly enable response redaction in output artifacts.
--no-redact-responses	bool flag	disabled	Disable response redaction in output artifacts. Conflicts with --redact-responses.

bash

agentprey scan   --target http://127.0.0.1:8787/chat   --category prompt-injection

bash

agentprey scan   --target http://127.0.0.1:8787/chat   --category prompt-injection   --json-out ./scan.json   --html-out ./scan.html

bash

agentprey scan   --target https://your-agent.example/api   --header "Authorization: Bearer token"   --header "X-Environment: staging"

bash

agentprey scan   --config .agentprey.toml   --target https://override.example/api   --rate-limit-rps 5

bash

agentprey scan   --target http://127.0.0.1:8787/chat   --retries 3   --retry-backoff-ms 300   --max-concurrent 2   --rate-limit-rps 8

← Previous

Quickstart

init