The PromptGuard CLI scans your codebase locally to detect unprotected LLM SDK calls before you push to Git. It supports Python, JavaScript, and TypeScript projects.
Installation
macOS (Homebrew)
Linux / macOS (Binary)
Cargo (Rust)
Verify Installation
Quick Start
Scan Your Project
Initialize Protection
- Detects which LLM providers you use
- Installs the PromptGuard SDK
- Adds
promptguard.init()to your entry point - Shows you what changed
Commands
promptguard scan
Scan for unprotected LLM SDK calls.
| Option | Description |
|---|---|
--format <fmt> | Output format: pretty (default), json, sarif |
--severity <level> | Minimum severity: low, medium, high |
--include <glob> | Only scan matching files |
--exclude <glob> | Skip matching files |
--ci | CI mode: exit code 1 if issues found |
promptguard init
Initialize PromptGuard SDK in your project.
| Option | Description |
|---|---|
--api-key <key> | PromptGuard API key (or use env var) |
--mode <mode> | enforce (default) or monitor |
--dry-run | Show what would change without modifying files |
--provider <name> | Only configure specific provider |
promptguard check
Check if protection is properly configured.
promptguard fix
Auto-fix unprotected calls by adding SDK initialization.
| Option | Description |
|---|---|
--dry-run | Show diff without applying |
--file <path> | Fix specific file only |
promptguard providers
List detected LLM providers in your codebase.
Supported Providers
| Provider | Python | JavaScript/TypeScript |
|---|---|---|
| OpenAI | ✅ | ✅ |
| Anthropic | ✅ | ✅ |
| Google AI | ✅ | ✅ |
| Cohere | ✅ | ✅ |
| AWS Bedrock | ✅ | ✅ |
| Azure OpenAI | ✅ | ✅ |
| Mistral | ✅ | ✅ |
| Groq | ✅ | ✅ |
Configuration
.promptguardrc
Create a config file in your project root:
Environment Variables
| Variable | Description |
|---|---|
PROMPTGUARD_API_KEY | API key for init command |
PROMPTGUARD_LOG_LEVEL | debug, info, warn, error |
NO_COLOR | Disable colored output |
CI/CD Integration
GitHub Actions
GitLab CI
Pre-commit Hook
Output Formats
Pretty (Default)
Human-readable colored output for terminal use.JSON
SARIF
GitHub Code Scanning compatible format:Troubleshooting
Command not found after installation
Command not found after installation
Solution: Add to PATH
No LLM calls detected
No LLM calls detected
Check:
- Are you in the right directory?
- Are the files in the include patterns?
- Try:
promptguard scan --include "**/*.py"
False positives in comments/strings
False positives in comments/strings
The CLI uses AST parsing, not regex. If you see false positives:
- Report at github.com/promptguard/cli/issues
- Use
--excludeto skip problematic files