Demo Commands
Copy-paste command workflows for every OpenA2A tool. From install to output in under a minute.
npx opena2a-cli initOn this page
OpenA2A CLI
DocsUnified entry point for all security tools. Assess, protect, and harden any project.
npx opena2a-cli initnpm install -g opena2a-cliopena2a init --verboseopena2a ~driftopena2a ?Credential Protection
DocsDetect hardcoded credentials, migrate to env vars, and generate reports.
opena2a protect --dry-runopena2a protectopena2a protect --dry-run --report report.htmlopena2a protect --dry-run --ci --format jsonThe --report flag generates a self-contained HTML file with severity filtering, audience toggle, and donut chart.
Sample report: View a sample interactive HTML report generated by opena2a protect --report.
HackMyAgent
DocsSecurity scanner with 147 security checks, attack simulation, and auto-fix.
npx hackmyagent secureopena2a scannpx hackmyagent secure --fixnpx hackmyagent attack http://localhost:3000npx hackmyagent secure --format json > report.jsonSecretless AI
DocsKeep secrets out of AI tool context windows. Supports Claude Code, Cursor, Copilot, Windsurf.
npx secretless-ai initopena2a secrets initnpx secretless-ai verifyopena2a broker startAIM (Agent Identity Management)
DocsIdentity, access control, and trust scoring for AI agents.
opena2a identity listopena2a identity create --name my-agentopena2a identity trust my-agentdocker compose up aim-server -dOASB (Open Agent Security Benchmark)
Docs222 standardized attack scenarios across 10 MITRE ATLAS techniques.
opena2a benchmark runopena2a benchmark run --technique T0015opena2a benchmark run --format jsonARP (Agent Runtime Protection)
DocsRuntime security monitoring for OS-level and AI-layer activity.
opena2a runtime initopena2a runtime startopena2a runtime tailopena2a runtime statusShadow AI Discovery
DocsFind unmanaged AI agents and MCP servers. Answer: what is running, and is it governed?
opena2a detectopena2a detect --dir ./my-agentopena2a detect --verboseopena2a detect --ci --format jsonMCP Server Identity
DocsAudit MCP configs, create Ed25519 identities, and verify signatures.
opena2a mcpopena2a mcp sign filesystemopena2a mcp verify filesystemopena2a mcp audit --verboseInteractive Demos
DocsRun full AIM lifecycle and DVAA attack/defend walkthroughs in a sandbox.
opena2a demo aimopena2a demo dvaaopena2a demo aim --interactiveopena2a demo aim --keepConfig Guard
DocsSHA-256 signing and tamper detection for config files.
opena2a guard signopena2a guard verifyopena2a guard statusDVAA (Damn Vulnerable AI Agent)
DocsIntentionally vulnerable AI agent for security training.
opena2a train startdocker run -p 3000:3000 opena2a/dvaaCryptoServe
DocsCryptographic inventory and post-quantum readiness assessment.
opena2a crypto scanpip install cryptoserve && cryptoserve scan .CI/CD Integration
All commands support --format json and --ci flags for pipeline integration.
- name: Security assessment
run: npx opena2a-cli init --ci --format json > security-report.json
- name: Credential check
run: |
npx opena2a-cli protect --dry-run --ci --format json > cred-report.json
jq -e '.totalFound == 0' cred-report.json
- name: Config integrity
run: npx opena2a-cli guard verify --ci