CLI Reference — DefenseClaw
CLI Reference
DefenseClaw ships two CLI binaries. Use <command> --help for detailed usage on any command.
| Binary | Language | Purpose |
|---|---|---|
| defenseclaw | Python (Click) | Primary user CLI for scanning, enforcement, and configuration |
| defenseclaw-gateway | Go (Cobra) | Gateway sidecar daemon, code scanning, and policy management |
Python CLI (defenseclaw)
Top-Level Commands
| Command | Description |
|---|---|
| init | Create ~/.defenseclaw, audit database, install scanner dependencies |
| status | Show environment, scanner availability, enforcement counts, sidecar health |
| alerts | Show recent security alerts (-n to set limit, default 25) |
| doctor | Verify credentials, endpoints, and connectivity for all services |
setup
| Command | Description |
|---|---|
| setup skill-scanner | Configure skill-scanner analyzers, API keys, and scan policy |
| setup mcp-scanner | Configure MCP scanner analyzers and providers |
| setup gateway | Configure gateway sidecar connection settings |
| setup guardrail | Configure LLM guardrail mode, model, port, and API keys |
| setup splunk | Configure Splunk HEC, OTLP, and local bridge integration |
skill
| Command | Description |
|---|---|
| skill list | List all OpenClaw skills with scan severity and enforcement status |
| skill scan <target> | Scan a skill by name, path, or all for every configured skill |
| skill search <query> | Search the clawhub registry for skills |
| skill install <name> | Install from clawhub/npm/URL, scan, and enforce admission gate |
| skill info <name> | Show detailed metadata, scan results, and enforcement actions |
| skill block <name> | Add to block list (--reason for audit trail) |
| skill allow <name> | Add to allow list (removes from block list) |
| skill disable <name> | Disable at runtime via gateway sidecar |
| skill enable <name> | Re-enable a previously disabled skill |
| skill quarantine <name> | Move files to quarantine directory |
| skill restore <name> | Restore from quarantine to original location |
mcp
| Command | Description |
|---|---|
| mcp list | List MCP servers with enforcement status |
| mcp scan <url> | Scan an MCP server endpoint |
| mcp block <url> | Add to block list |
| mcp allow <url> | Add to allow list |
| mcp set <key> <value> | Set an MCP configuration value |
| mcp unset <key> | Remove an MCP configuration value |
plugin
| Command | Description |
|---|---|
| plugin list | List installed OpenClaw plugins |
| plugin scan <name> | Scan a plugin for security issues |
| plugin install <name> | Install from local path, npm, clawhub://, or HTTP URL |
| plugin remove <name> | Remove an installed plugin |
| plugin info <name> | Show detailed plugin metadata and scan results |
| plugin block <name> | Add to block list (--reason for audit trail) |
| plugin allow <name> | Add to allow list |
| plugin disable <name> | Disable at runtime via gateway sidecar |
| plugin enable <name> | Re-enable a previously disabled plugin |
| plugin quarantine <name> | Move plugin files to quarantine directory |
| plugin restore <name> | Restore from quarantine to original location |
tool
| Command | Description |
|---|---|
| tool block <name> | Block a tool (global or scoped with --source) |
| tool allow <name> | Allow a tool (skip scan gate) |
| tool unblock <name> | Remove from block/allow list |
| tool list | List all tools in the block/allow list |
| tool status <name> | Show block/allow status of a specific tool |
policy
| Command | Description |
|---|---|
| policy create <name> | Create a new custom policy |
| policy list | List all policies (built-in and custom) |
| policy show <name> | Display policy details |
| policy activate <name> | Activate a policy (applies to config and OPA data) |
| policy delete <name> | Delete a custom policy |
| policy validate | Compile-check Rego modules and validate data.json |
| policy test | Run OPA Rego unit tests |
| policy edit actions | Edit severity-to-action mappings |
| policy edit scanner | Edit per-scanner action overrides |
| policy edit guardrail | Edit guardrail thresholds and patterns |
aibom
| Command | Description |
|---|---|
| aibom scan | Generate live AI Bill of Materials from the running OpenClaw environment |
Flags: --json (full inventory as JSON), --summary (summary table only), --only <categories> (comma-separated: skills,plugins,mcp,agents,tools,models,memory)
codeguard
| Command | Description |
|---|---|
| codeguard install-skill | Install the CodeGuard skill into the OpenClaw workspace |
Go Gateway CLI (defenseclaw-gateway)
The Go binary runs the sidecar daemon and provides code scanning and policy management.
Daemon
| Command | Description |
|---|---|
| (no subcommand) | Run the sidecar in the foreground |
| start | Start the sidecar as a background daemon |
| stop | Stop the running daemon |
| restart | Restart the daemon |
| status | Show health of all subsystems |
Root flags: --token, --host, --port
scan
| Command | Description |
|---|---|
| scan code <path> | Scan source code with CodeGuard static analyzer (--json for machine output) |
policy
| Command | Description |
|---|---|
| policy validate | Compile-check Rego modules and validate data.json |
| policy show | Display current OPA policy data |
| policy evaluate | Dry-run admission policy for a given input |
| policy reload | Hot-reload OPA policies (no restart required) |
evaluate flags: --target-type, --target-name, --severity, --findings
Key Flags Reference
defenseclaw init
| Flag | Description |
|---|---|
| --skip-install | Skip automatic scanner dependency installation |
| --enable-guardrail | Also configure and enable the LLM guardrail |
defenseclaw setup skill-scanner
| Flag | Description |
|---|---|
| --use-llm | Enable LLM analyzer |
| --use-behavioral | Enable behavioral dataflow analyzer |
| --enable-meta | Enable meta-analyzer (false positive filtering) |
| --use-virustotal | Enable VirusTotal binary scanning |
| --use-aidefense | Enable Cisco AI Defense cloud analyzer |
| --llm-provider | LLM provider: anthropic or openai |
| --policy | Scan policy preset: strict, balanced, permissive |
| --non-interactive | Use flags instead of interactive prompts |
defenseclaw setup guardrail
| Flag | Description |
|---|---|
| --mode | observe (log only) or action (block threats) |
| --scanner-mode | local, remote, or both |
| --port | LiteLLM proxy port (default: 4000) |
| --disable | Disable guardrail and revert configuration |
| --restart | Restart sidecar and OpenClaw after configuration |
| --non-interactive | Use flags instead of interactive prompts |
defenseclaw setup splunk
| Flag | Description |
|---|---|
| --o11y | Enable Splunk Observability (OTLP) |
| --logs | Enable Splunk log forwarding |
| --realm | Splunk realm |
| --access-token | Splunk access token |
| --app-name | Application name for Splunk |
| --disable | Disable Splunk integration |
| --non-interactive | Use flags instead of interactive prompts |