Welcome to Cortex CLI Discussions

[hmza-hb]

Cortex CLI is an open-source offensive security tool designed to help developers identify vulnerabilities directly from the terminal.

The vision is simple:

Make application security accessible, fast, and developer-friendly.

Instead of requiring dedicated security teams or complex enterprise tools, Cortex CLI aims to integrate security into a developer's everyday workflow.

🚀 Current goals
Detect common vulnerabilities
Generate actionable security reports
Run locally from the terminal
Keep the developer experience simple
Reduce false positives as much as possible
💬 We'd love your feedback

Feel free to use this space to:

Ask questions
Report bugs
Suggest new features
Share your experience using Cortex CLI
Discuss security ideas and best practices
Propose improvements

Some questions to get the discussion started:

What security checks would you expect from a CLI tool like this?
What would make you trust the generated reports?
What integrations would be most useful (GitHub, GitLab, CI/CD, Docker, etc.)?
What would make Cortex CLI a tool you'd use regularly?

Every piece of feedback helps shape the future of Cortex CLI.

Thanks for being here and helping build a better developer security experience. 🚀

[nameforge2]

This is an interesting idea.

I like the fact that it's terminal-first and runs locally. A lot of existing security tools are either too expensive or require too much setup for individual developers.

My biggest concern would be false positives. If Cortex can validate findings and keep the reports actionable instead of overwhelming users with hundreds of warnings, I could definitely see myself using it during development.

Looking forward to seeing where this goes. 🚀

[hmza-hb]

Thanks man, that's exactly one of the main things I'm trying to solve.

I don't want Cortex to be another scanner that just dumps 300 warnings on your screen. The goal is to keep the findings actionable and reduce false positives as much as possible.

Still building it, so feedback like this genuinely helps shape the direction of the project.