CLI Reference
All Tachyonic CLI commands, flags, and environment variables
| Command | Description |
|---|
tachyonic scan | Run a security scan against a target |
tachyonic attacks | List available attacks |
tachyonic report | Generate a report from scan results |
tachyonic login | Authenticate with the Tachyonic platform |
tachyonic logout | Remove stored credentials |
tachyonic upload | Upload local scan results to the platform |
Run a security scan against an LLM endpoint, AI agent, or MCP server.
| Flag | Description |
|---|
--target <URL> | Target URL or endpoint |
--provider <NAME> | Provider preset: anthropic, open-ai, gemini, mistral, deep-seek, ollama, groq, together-ai |
--model <NAME> | Model to use |
--api-key <KEY> | API key (prefer env vars for security) |
--auth-mode <MODE> | Credential mode: api-key (default), session, auto |
| Flag | Description |
|---|
--categories <LIST> | Comma-separated attack categories to run |
--max-attacks <N> | Maximum number of attacks |
--parallel | Enable parallel execution |
--max-concurrent <N> | Max concurrent requests (default: 5) |
--min-delay <MS> | Min delay between requests in ms (default: 100) |
--no-triage | Disable triage engine, emit raw findings |
--include-builtin | Include built-in attacks alongside heuristics library |
--max-cost <USD> | Stop scan when estimated cost exceeds threshold |
| Flag | Description |
|---|
--format <FMT> | Output format: json (default), html, sarif |
--output <FILE> | Output file (default: stdout) |
--no-progress | Hide progress bar |
--include-raw | Include raw responses in output |
--verbose | Enable verbose logging |
| Flag | Description |
|---|
--mcp-transport <TYPE> | Transport: stdio (default), http |
--mcp-command <CMD> | MCP server command (stdio) |
--mcp-args <ARGS> | MCP server arguments (stdio) |
--mcp-url <URL> | MCP server URL (HTTP) |
| Flag | Description |
|---|
--verify-llm | Enable LLM-based verification of borderline detections |
--verify-provider <NAME> | Verification provider |
--verify-model <NAME> | Verification model |
--verify-consensus | Enable multi-judge consensus verification |
| Flag | Description |
|---|
--cloud | Submit scan to Tachyonic platform |
| Flag | Description |
|---|
--cli-command <CMD> | CLI command for agent testing |
--cli-agent <NAME> | CLI agent name |
--ssh-host <HOST> | SSH host for remote CLI execution |
| Variable | Description |
|---|
ANTHROPIC_API_KEY | Anthropic API key |
OPENAI_API_KEY | OpenAI API key |
GOOGLE_API_KEY | Google AI API key |
MISTRAL_API_KEY | Mistral API key |
DEEPSEEK_API_KEY | DeepSeek API key |
GROQ_API_KEY | Groq API key |
TOGETHER_API_KEY | Together AI API key |
TACHYONIC_API_KEY | Fallback API key for any provider |
HEURISTICS_PATH | Path to attack library (default: ~/.tachyonic) |
RUST_LOG | Log level: info, debug, tachyonic=debug |
tachyonic scan --categories prompt-injection,jailbreak,tool-abuse
| Category | OWASP | Description |
|---|
prompt-injection | LLM01 | Direct prompt injection attacks |
system-prompt-extraction | LLM01 | System prompt leakage |
jailbreak | LLM01 | Jailbreak and guardrail bypass |
indirect-injection | LLM01 | Indirect prompt injection via context |
tool-abuse | LLM06 | Tool parameter manipulation and chaining |
multi-turn-manipulation | LLM01 | Multi-turn conversation attacks |
vision-injection | LLM01 | Vision model attacks via images |
sensitive-disclosure | LLM02 | Sensitive information disclosure |
supply-chain | LLM05 | Supply chain and dependency attacks |
improper-output | LLM09 | Output handling vulnerabilities |
unbounded-consumption | LLM10 | Resource exhaustion attacks |
permission-escalation | LLM06 | Privilege escalation via agents |
multi-agent-injection | LLM06 | Multi-agent system attacks |
misinformation | LLM09 | Misinformation generation |
vector-embedding | LLM08 | Vector/embedding manipulation |
video-injection | LLM01 | Video-based attacks |
Tachyonic