Basic Usage
Options
Target to test. Accepts URLs, repositories, local directories, domains, or IP addresses. Can be specified multiple times.
Bind-mount a local directory into the sandbox (read-only) instead of copying it in file-by-file. Use this for large repositories that are too big to stream into the container. Can be specified multiple times.

Strix copies local `--target` directories into the sandbox one file at a time, which stalls on very large trees. When a local target exceeds the copy limit (see `STRIX_MAX_LOCAL_COPY_MB`, default 1024 MB), Strix exits early and asks you to re-run with `--mount`.

The mount is read-only to protect your source from accidental modification. This is not a hard security boundary: a root process inside the container can remount it writable, so treat `--mount` as “scan my own code”, not as isolation from untrusted code.

The size pre-flight only covers local directory targets. Remote repositories (cloned at scan time) are not size-checked.
Custom instructions for the scan. Use for credentials, focus areas, or specific testing approaches.
Path to a file containing detailed instructions.
Scan depth: `quick`, `standard`, or `deep`.

Code scope mode: `auto` (enable PR diff-scope in CI/headless runs), `diff` (force changed-files scope), or `full` (disable diff-scope).

Target branch or commit to compare against (e.g., `origin/main`). Defaults to the repository’s default branch.

Run in headless mode without TUI. Ideal for CI/CD.
Path to a custom config file (JSON) to use instead of `~/.strix/cli-config.json`.

Maximum LLM spend in USD for the whole scan, counted cumulatively across the root agent and every child agent. The budget is checked after each model response; once the running cost reaches the threshold, the scan stops cleanly with a `stopped` status (not a failure) and the sandbox is torn down. Must be greater than 0. Omit the flag for no limit.

Limitations

- The check fires after a response is returned, so the final spend can slightly overshoot the limit by any calls already in flight when the threshold is crossed (most relevant with several child agents running concurrently).
- Cost is a best-effort estimate derived from token usage and model pricing; providers that do not expose priced usage may under-count.
- For LiteLLM-routed models, Strix enables streaming success callbacks to capture provider-reported cost. Message content remains excluded, but third-party LiteLLM callbacks configured in the same process can receive other streaming metadata such as model names, request IDs, and token counts.
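The budget semantics described above (cumulative across root and child agents, checked only after a response returns, `stopped` rather than failed, overshoot from in-flight calls), modelled as an added illustration; this is not Strix's own code, and the class and function names, as well as the per-response costs, are constructed for the example.

```python
"""Illustration of the documented scan-budget behaviour (not Strix's implementation)."""
from dataclasses import dataclass, field
from threading import Lock
from typing import Optional


@dataclass
class BudgetTracker:
    """Cumulative LLM-spend guard shared by the root agent and every child agent.

    max_budget_usd=None means no limit (the flag was omitted). Cost is only
    recorded *after* a model response returns, so a call that was already in
    flight when the threshold was crossed still adds to the final total.
    """
    max_budget_usd: Optional[float] = None
    spent_usd: float = 0.0
    status: str = "running"   # becomes "stopped" (not "failed") at the threshold
    _lock: Lock = field(default_factory=Lock, repr=False)

    def __post_init__(self) -> None:
        if self.max_budget_usd is not None and self.max_budget_usd <= 0:
            raise ValueError("budget must be greater than 0 USD")

    def record_response(self, cost_usd: float) -> bool:
        """Add one completed response's cost; return True if the scan may continue."""
        with self._lock:
            self.spent_usd += cost_usd
            if self.max_budget_usd is not None and self.spent_usd >= self.max_budget_usd:
                self.status = "stopped"
            return self.status == "running"


def simulate_scan(budget: Optional[float], responses: list[float], in_flight: int = 0) -> BudgetTracker:
    """Replay per-response costs (constructed sample values) against a budget.

    `responses` are the costs of model responses in the order they return;
    `in_flight` is how many further responses from concurrently running child
    agents are already underway when the threshold is crossed and therefore
    still land after the stop decision.
    """
    tracker = BudgetTracker(max_budget_usd=budget)
    for i, cost in enumerate(responses):
        if not tracker.record_response(cost):
            # Overshoot: calls already in flight complete and are still billed.
            for late_cost in responses[i + 1 : i + 1 + in_flight]:
                tracker.record_response(late_cost)
            break
    return tracker
```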
Examples
Exit Codes
| Code | Meaning |
|---|---|
| 0 | Scan completed, no vulnerabilities found |
| 2 | Vulnerabilities found (headless mode only) |