CLI Commands

vibsec scan [path]

Scans a project directory for security issues. Runs 30+ checks mapped to the OWASP LLM Top 10 and ASVS 5.0.

vibsec scan              # scans current directory
vibsec scan ./my-project # scans a specific path

Options:

  • --json — Output results as JSON
  • --severity <level> — Minimum severity to report (critical, high, medium, low)

vibsec policy init

Generates a vibsec.policy.json file with default settings.

vibsec policy init

vibsec policy show

Displays the active policy configuration.

The install script automatically places VibSec.app in /Applications and launches it. The shield icon (🛡) appears in your menu bar. If it’s not running, just open VibSec from Applications or Spotlight.

The menu bar app provides:

  • One-click scan — scan any project directly from the menu bar
  • Port monitoring — flags risky open ports with OWASP references
  • Audit log — browse the last 50 audit entries

The app hides from the Dock — it only lives in your menu bar. Click the shield icon to toggle the panel.
