CLI Command Reference - Zenable Governance Platform

Overview

Zenable - Clean Up Sloppy AI Code and Prevent AI-Created Security Vulnerabilities

Global Options

These options are available for all commands:

Option	Description
`--verbose`	Enable verbose output
`--debug`	Enable debug output
`-h`, `--help`	Show help message

Commands

`install`

Install the Zenable integrations.

uvx zenable-mcp install [OPTIONS] [COMMAND] [ARGS]...

Note: You can use unified commands like install cursor or install antigravity, or use subcommands like install mcp cursor and install hook claude. The unified commands are simpler and install all features.

Options

Option	Description
`--dry-run`	Preview what would be done without actually performing the installation
`-g`, `--global`	Install globally in user’s home directory instead of project directory
`--include TEXT`	Include only directories matching these glob patterns (e.g., `'*/microservice-'`)
`--exclude TEXT`	Exclude directories matching these glob patterns
`--all`	Install for all supported IDEs, even if not currently installed
`-h`, `--help`	Show help message

Running outside a git repository? The installer will search for git repositories below your current location and present an interactive TUI to select which repositories to install into. You can select one or more repositories, or choose to install globally.

Subcommands

`install mcp`

Install Zenable MCP server configuration. Uses OAuth for secure authentication.

uvx zenable-mcp install mcp [OPTIONS] COMMAND [ARGS]...

Supported IDE commands:

all - Install MCP for all detected IDEs (default)
amazonq - Install MCP for Amazon Q Developer
claude - Install MCP for Claude Code
codex - Install MCP for Codex
continue - Install MCP for the Continue IDE*
copilot - Install MCP for GitHub Copilot CLI
cursor - Install MCP for Cursor IDE and cursor-agent CLI
gemini - Install MCP for Gemini CLI
roo - Install MCP for Roo Code
vscode - Install MCP for Visual Studio Code
windsurf - Install MCP for Windsurf IDE

`install hook`

Install hooks for various tools.

uvx zenable-mcp install hook [OPTIONS] COMMAND [ARGS]...

Supported hook commands:

all - Install hooks for all supported tools
claude - Install Claude Code hooks
cursor - Install Cursor hooks

Options

Option	Description
`--dry-run`	Preview what would be done without actually performing the installation
`--include TEXT`	Include only directories matching these glob patterns (e.g., `'*/microservice-'`)
`--exclude TEXT`	Exclude directories matching these glob patterns
`-h`, `--help`	Show help message

Examples

# Install for all detected IDEs (recommended)
uvx zenable-mcp install

# Install for a specific IDE using unified command (recommended)
uvx zenable-mcp install cursor
uvx zenable-mcp install claude

# Install Zenable for all detected IDEs, globally
uvx zenable-mcp install --global

# Preview what would be done without installing
uvx zenable-mcp install --dry-run

# Advanced: Install only MCP (without hooks) for all detected IDEs
uvx zenable-mcp install mcp

# Advanced: Install only MCP for a specific IDE
uvx zenable-mcp install mcp cursor

# Advanced: Install only hooks
uvx zenable-mcp install hook
uvx zenable-mcp install hook claude
uvx zenable-mcp install hook cursor

`check`

Check the provided files against your conformance tests.

uvx zenable-mcp check [OPTIONS] [PATTERNS]...

Automatically detects files from IDE context when no patterns are provided. Supports glob patterns like **/*.py to check all Python files recursively. Files are processed in batches of 5 for optimal performance.

Arguments

PATTERNS: Glob patterns for files to check (e.g., '**/*.py', 'src/**/*.js')
- If no patterns are provided, we auto-detect the last edited file, subject to some filtering, and sends that. For filtering details use --verbose

Options

Option	Description
`--exclude TEXT`	Patterns to exclude from checking
`--base-path DIRECTORY`	Base directory for pattern matching (defaults to current directory)
`--branch`	Check all files changed on the current branch compared to the base branch
`--base-branch TEXT`	Base branch to compare against when using `--branch` (default: `$ZENABLE_CHECK_BASE_BRANCH` or `main`)
`--dry-run`	Show which files would be sent without actually checking them
`-h`, `--help`	Show help message

Configuration

The check command supports configuration via environment variables:

Environment Variable	Description	Default
`ZENABLE_CHECK_BASE_BRANCH`	Default base branch to compare against when using `--branch`	`main`

Example

# Set default base branch to develop
export ZENABLE_CHECK_BASE_BRANCH=develop

# Now --branch uses develop instead of main
uvx zenable-mcp check --branch

# CLI option still overrides env var
uvx zenable-mcp check --branch --base-branch feature/base

Examples

# Check a single file
uvx zenable-mcp check example.py

# Check all Python files recursively
uvx zenable-mcp check '**/*.py'

# Check multiple patterns
uvx zenable-mcp check 'src/**/*.js' 'tests/**/*.js'

# Exclude test files from checking
uvx zenable-mcp check '**/*.py' --exclude '**/test_*.py'

# Specify base directory for pattern matching
uvx zenable-mcp check '*.py' --base-path ./src

# Check all files changed on current branch compared to main
uvx zenable-mcp check --branch

# Check all files changed on current branch compared to develop
uvx zenable-mcp check --branch --base-branch develop

# Check only Python src files changed on current branch
uvx zenable-mcp check --branch '**/*.py' --exclude '**/test_*.py'

# Dry run to see which files would be checked
uvx zenable-mcp check '**/*.py' --dry-run

`hook`

Handle calls from the hooks of Agentic IDEs.

uvx zenable-mcp hook [OPTIONS]

This command is specifically designed for IDE integrations like Claude Code and Cursor. It reads hook input from stdin, processes the files, and returns appropriate exit codes and formatted responses for the IDE to handle. To manually run a scan, use the ‘check’ command instead.

Options

Option	Description
`-h`, `--help`	Show help message

`logs`

View zenable_mcp logs.

uvx zenable-mcp logs [OPTIONS]

Options

Option	Description
`-f`, `--follow`	Follow log output (like `tail -f`)
`-r`, `--raw`	Show raw log entries instead of just messages
`-n`, `--lines INTEGER`	Number of lines to show (from end of file, default: 50)
`--clear`	Clear the log file (cannot be used with other options)
`-h`, `--help`	Show help message

Examples

# View recent logs
uvx zenable-mcp logs

# Follow logs in real-time
uvx zenable-mcp logs --follow

# Show last 50 lines
uvx zenable-mcp logs -n 50

# Clear logs
uvx zenable-mcp logs --clear

`version`

Show the zenable-mcp version.

uvx zenable-mcp version [OPTIONS]

Options

Option	Description
`-h`, `--help`	Show help message

Will also notify you if an update is available.

Configuration Files

MCP Server Configuration

The tool creates MCP server configuration in IDE-specific locations, appropriate for that individual IDE. For instance:

{
  "mcpServers": {
    "zenable": {
      "type": "http",
      "url": "https://mcp.zenable.app/"
    }
  }
}

Hook Configuration (Claude Code)

Hooks are configured in Claude Code settings (.claude/settings.json):

{
  "hooks": {
    "PostToolUse": [
      {
        "matcher": "Write|Edit|MultiEdit",
        "hooks": [
          {
            "type": "command",
            "command": "uvx zenable-mcp@latest hook"
          }
        ]
      }
    ]
  }
}

Hook Configuration (Cursor)

Hooks are configured in Cursor hooks file (.cursor/hooks.json):

{
  "version": 1,
  "hooks": {
    "afterFileEdit": [
      {
        "command": "uvx zenable-mcp@latest hook"
      }
    ]
  }
}

Exit Codes

Code	Meaning
0	Success
2	Conformance issues found
3	Handler conflict
4	No hook input
12	No files specified
13	No files found
14	File read error
15	Invalid parameters
16	File write error
20	API error
21	Authentication error
51	Installation error
52	Partial success
130	User interrupt

File Patterns

Glob Pattern Examples

# All Python files recursively
'**/*.py'

# Multiple extensions
'**/*.{js,ts,jsx,tsx}'

# Specific directory
'src/**/*.py'

# All files in current directory
'*'

# All files recursively
'**/*'

# Specific depth
'*/*.py'  # One level deep
'*/*/*.py'  # Two levels deep

Common Exclusions

# Python
--exclude '**/{__pycache__,venv,.venv,migrations}/**'

# JavaScript/Node
--exclude '**/{node_modules,dist,build,.next}/**'

# General
--exclude '.git/**'
--exclude '**/*.min.js'
--exclude '**/*.map'
--exclude '**/vendor/**'

Troubleshooting

Debug Mode

Enable debug output for troubleshooting:

# Maximum verbosity
uvx zenable-mcp --debug install

# Run a check with verbose output
uvx zenable-mcp --verbose check '**/*.py'

# View debug logs
uvx zenable-mcp logs --lines 100

Dry Run Mode

Preview changes without applying:

# Preview installation
uvx zenable-mcp install --dry-run

# Preview with specific IDE
uvx zenable-mcp install mcp cursor --dry-run

*Continue users may experience issues until Continue adds support for streamable HTTP.

Overview

Integrations

IDE Installation Guides

Tools & Reference

Use Cases

​Overview

​Global Options

​Commands

​install

​Options

​Subcommands

install mcp

install hook

Options

​Examples

​check

​Arguments

​Options

​Configuration

Example

​Examples

​hook

​Options

​logs

​Options

​Examples

​version

​Options

​Configuration Files

​MCP Server Configuration

​Hook Configuration (Claude Code)

​Hook Configuration (Cursor)

​Exit Codes

​File Patterns

​Glob Pattern Examples

​Common Exclusions

​Troubleshooting

​Debug Mode

​Dry Run Mode

​See Also

Overview

Global Options

Commands

`install`

Options

Subcommands

`install mcp`

`install hook`

Examples

`check`

Arguments

Options

Configuration

Examples

`hook`

Options

`logs`

Options

Examples

`version`

Options

Configuration Files

MCP Server Configuration

Hook Configuration (Claude Code)

Hook Configuration (Cursor)

Exit Codes

File Patterns

Glob Pattern Examples

Common Exclusions

Troubleshooting

Debug Mode

Dry Run Mode

See Also