Get started in three steps
Install the CLI
Install the Rafter security CLI using your preferred package manager.npm install -g @rafter-security/cli
Python 3.10+ required for pip installs. Verify your version:python3 --version # Must be 3.10 or higher
sudo apt update && sudo apt install -y python3 python3-pip python3-venv
sudo dnf install python3 python3-pip.
macOS: brew install python. Windows: install from python.org — pip is included. Start your first scan
Navigate to a Git repository, then run:cd /path/to/your/repo
rafter run --api-key "RFabc-your-api-key-here" --format md
export RAFTER_API_KEY="RFabc-your-api-key-here"
cd /path/to/your/repo
rafter run --format md
rafter scan is an alias for rafter run — use whichever you prefer. Add --mode plus (or -m plus) for deeper analysis with additional agent passes beyond the default fast scan.
What’s happening?
When you run rafter run, the CLI will:
- Auto-detect your repository and branch from Git
- Upload your code securely to Rafter’s scanning engine from Github
- Scan for vulnerabilities, secrets, and security issues
- Delete your code from Rafter’s scanning engine
- Display results directly in your terminal
The CLI only scans remote repositories, not your current local branch. Make sure your changes are pushed to the remote repository before scanning.
Bonus: Saving Results to a File
To run a scan and save the results to a file, you can use the following command:
rafter run --api-key "RFabc-your-api-key-here" --format md > security-report-$(date +%Y-%m-%d-%H-%M-%S).md
Next Steps
Want to know more about how we scan? See our handbook for detailed information about our scanning technology and security coverage. 
