Audit CLI Reference

CounterAgent is organized into subcommands. The top-level entry point is counteragent.

counteragent --help

audit

Security scanner for MCP servers. Maps findings to the OWASP MCP Top 10.

Scan an MCP server for security vulnerabilities.

counteragent audit scan [OPTIONS]

Option	Required	Description
`--transport`	Yes	Transport type: `stdio`, `sse`, or `streamable-http`
`--command`	When `--transport stdio`	Server command to spawn (e.g., `"python my_server.py"`)
`--url`	When `--transport sse` or `streamable-http`	Server URL to connect to
`--checks`	No	Comma-separated scanner list (e.g., `"injection,auth"`)
`--output`	No	Output file path (default: `results/scan.json`)
`--format`	No	Output format: `json` or `sarif` (default: `json`)
`--verbose` / `-v`	No	Enable debug logging

counteragent audit scan \
  --transport stdio \
  --command "python my_server.py"

Run specific scanners only:

counteragent audit scan \
  --transport stdio \
  --command "python my_server.py" \
  --checks injection,auth \
  --output results/my-scan.json

Use --format sarif with audit scan or audit report to generate SARIF 2.1.0 reports compatible with GitHub Code Scanning.

Enumerate MCP server capabilities without running security checks.

counteragent audit enumerate [OPTIONS]

Option	Required	Description
`--transport`	Yes	Transport type: `stdio`, `sse`, or `streamable-http`
`--command`	When `--transport stdio`	Server command to spawn
`--url`	When `--transport sse` or `streamable-http`	Server URL to connect to

counteragent audit enumerate \
  --transport stdio \
  --command "python my_server.py"

Lists the server’s name, protocol version, tools, resources, and prompts.

List all available scanner modules and their OWASP mappings.

counteragent audit list-checks

No options. Prints a table of scanner modules with OWASP ID, description, and readiness status.

Generate a report from saved scan results.

counteragent audit report [OPTIONS]

Option	Required	Description
`--input`	Yes	Path to saved scan results JSON file
`--format`	No	Report format: `html`, `json`, or `sarif` (default: `html`)
`--output`	No	Output file path (defaults to input path with new extension)

Report generation is coming soon. The command is defined but not yet fully implemented.