OpenA2A CLI
Unified security platform for AI agents. 24 commands, 5 input modes, 706 tests.
Installation
npx opena2a-cli initnpm install -g opena2a-clibrew install opena2a-org/tap/opena2aCore Commands
Built-in commands with direct implementations.
opena2a initAssess project security posture with trust scoring
opena2a protectFix all auto-fixable findings: credentials, .gitignore, AI configs, config signing
opena2a guardConfig file integrity signing and verification (SHA-256)
opena2a runtimeAgent Runtime Protection wrapper with process/network/filesystem monitoring
opena2a verifyBinary integrity verification against OpenA2A Trust Registry
opena2a shieldUnified security orchestration: event log, policy, sessions, integrity, LLM analysis
opena2a detectShadow AI Discovery: find unmanaged AI agents and MCP servers, report governance gaps
opena2a mcpMCP server identity: audit configs, Ed25519 signing, trust verification
opena2a trustLook up trust profiles and security posture for agents and MCP servers
opena2a claimClaim ownership of your agent trust profile (Ed25519 identity)
opena2a demoInteractive AIM lifecycle and DVAA attack/defend walkthroughs
Adapter Commands
Commands that delegate to external tools through the CLI's adapter system.
opena2a scanHackMyAgent147 security checks, attack simulation, auto-fix
opena2a secretsSecretlessCredential management for AI coding tools
opena2a benchmarkOASB222 standardized attack scenarios, compliance scoring
| Command | Adapter | Description |
|---|---|---|
registry | AI Trust | Trust Registry queries |
identity | AIM | Agent identity management |
train | DVAA | Vulnerable agent training |
crypto | CryptoServe | PQC readiness |
broker | Secretless | Credential broker daemon |
Global Flags
| Flag | Description |
|---|---|
--ci | CI mode. No interactive prompts, machine-readable output. |
--quiet | Suppress non-essential output. |
--verbose | Verbose output with details. |
--format <text|json|sarif> | Output format. Default: text. |
--contribute | Share anonymized scan results with the community. |
-v, --version | Show CLI version. |
-h, --help | Show help. |
Guides
Improving Your Trust Score
Step-by-step workflow: check, claim, scan, fix, badge, and monitor.
Trust Badges
Add dynamic trust score badges to your README with GitHub Actions.
CI/CD Integration
GitHub Actions and GitLab CI examples for automated security checks.
Smart Input Modes
Semantic search, contextual hints, natural language, and guided wizard.
Command Categories
The 24 commands are organized into six functional categories that cover the full agent security lifecycle:
| Category | Commands | Purpose |
|---|---|---|
| Detection | detect, mcp, status | Discover unmanaged AI agents, MCP servers, and aggregate security posture. |
| Identity | claim, trust, self-register, verify | Manage agent identities, trust profiles, and binary integrity verification. |
| Governance | scan-soul, harden-soul, review | Evaluate and improve behavioral governance (SOUL.md) against OASB v2 controls. |
| Scanning | scan, benchmark, baselines, secrets | Run security checks, attack simulations, behavioral profiling, and credential scans. |
| Protection | init, protect, guard, shield, runtime | Assess posture, fix findings, sign configs, orchestrate defenses, and monitor at runtime. |
| Trust | config, demo | Manage CLI preferences and run interactive security walkthroughs. |
Quick Start
After installation, the fastest way to assess your project is the three-command workflow:
# 1. Assess project security posture and trust score opena2a init # 2. Auto-fix credential leaks, .gitignore gaps, and config signing opena2a protect # 3. Full multi-phase review with HTML report opena2a review
For CI/CD pipelines, append --ci --format json to any command for machine-readable output and non-zero exit codes on failures. See the CI/CD Integration guide for full pipeline examples.
Verify Installation
$ opena2a --version opena2a-cli v0.5.4 $ opena2a --help Usage: opena2a <command> [options] Commands: init, protect, guard, runtime, verify, shield, detect, mcp, trust, claim, demo, scan, secrets, benchmark, review, scan-soul, harden-soul, ...
Source: github.com/opena2a-org/opena2a | Published on npm as opena2a-cli