Meet your autonomous product security engineer. Pixee is the agentic AppSec platform that turns scanner noise into validated, prioritized risk and writes fixes as your developers would — ending the security backlog instead of growing it. Learn more at pixee.ai.
This repository distributes pixee, the official command-line interface for the Pixee platform. It
is intended for Pixee customers and gives authenticated access to the Pixee REST API through dedicated
subcommands and a generic pixee api passthrough, and ships with coding-agent skills so tools like
Claude Code and OpenAI Codex can drive it natively.
```sh
brew tap pixee/pixee
brew install pixee
```

Pre-compiled binaries for linux-x64, darwin-arm64, and windows-x64 are published as assets on each GitHub Release. Download the archive for your platform, extract the pixee binary, and place it on your PATH.
```sh
# Authenticate against a Pixee deployment
pixee auth login --server https://pixee.example.com --token <your-token>

# Send an authenticated request to any Pixee REST API endpoint
pixee api /api/v1/repositories --paginate

# List workflows configured for a repository
pixee workflow list --repo my-repo
```

Run pixee --help to see every subcommand.
To point pixee at a Pixee Enterprise Server with a privately signed certificate, configure trust through one of the
options below. pixee verifies certificates against its bundled Mozilla CA list, not the operating system's trust
store, so installing the CA in your OS keychain alone won't make the connection succeed.
Set NODE_EXTRA_CA_CERTS to a PEM file containing the chain. Verification still happens; only your specific CA is
added to the trust set, so the bearer token stays protected from passive eavesdroppers and on-path attackers.
```sh
NODE_EXTRA_CA_CERTS=/etc/ssl/internal-ca.pem pixee --server https://pixee.internal scan list
```

For a persistent setup, export the variable from your shell profile or set it in your deployment environment (CI variable, container env, Kubernetes secret, etc.).
If you genuinely cannot obtain the CA chain (short-lived sandbox, one-off connectivity check, ephemeral CI container
with no way to mount a PEM), pass --insecure or set PIXEE_INSECURE_TLS=true to skip certificate verification
entirely. A warning prints to stderr on every invocation so the choice stays visible in CI logs.
```sh
pixee --insecure --server https://pixee.internal scan list
PIXEE_INSECURE_TLS=true pixee --server https://pixee.internal scan list
```

Avoid this in production: with verification off, anyone who can intercept the connection can read your bearer token and act as you against the API. Treat any persistent CI usage as a bug to come back and fix once the CA is available.
See Bun's tls.getCACertificates for the full chain loading
order (bundled Mozilla CAs → system keychain when NODE_USE_SYSTEM_CA=1 → NODE_EXTRA_CA_CERTS extras) and
Node's NODE_EXTRA_CA_CERTS docs for the env-var contract
Bun inherits.
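The two options above describe a choice a CI job has to make on every run: trust the private CA through NODE_EXTRA_CA_CERTS, or fall back to --insecure. The wrapper below is an added example, not part of the pixee project, showing one way to make that choice explicit in a pipeline. It assumes two hypothetical variables that the pixee docs do not define: PIXEE_CA_CHAIN_B64 (a CI secret holding the base64-encoded PEM chain) and PIXEE_ALLOW_INSECURE_TLS (which must be literally "yes" before the insecure path is taken). The chain is written to a temporary file, checked for at least one certificate block, and only then handed to pixee via NODE_EXTRA_CA_CERTS; with no usable chain and no explicit opt-in, the wrapper refuses to run rather than silently disabling verification.

```shell
#!/bin/sh
# Added example (not pixee project code): choose how pixee trusts a privately
# signed Enterprise Server in CI, preferring NODE_EXTRA_CA_CERTS over --insecure.
#
# Hypothetical variables assumed by this wrapper (not from the pixee docs):
#   PIXEE_CA_CHAIN_B64        CI secret containing the base64-encoded PEM chain
#   PIXEE_ALLOW_INSECURE_TLS  must be exactly "yes" to permit --insecure

# Print the number of PEM certificate blocks in a file; return 1 if there are none
# (or the file is missing), so callers can use it as a validity check.
pem_cert_count() {
  n=$(grep -c -- '-----BEGIN CERTIFICATE-----' "$1" 2>/dev/null || true)
  n=${n:-0}
  printf '%s\n' "$n"
  [ "$n" -gt 0 ]
}

# Decide the TLS mode. Prints "extra-ca <pem>" when the PEM is usable,
# "insecure" when verification may be skipped, and returns 1 otherwise.
tls_mode() {
  pem="$1"             # path to a PEM chain; may be empty or missing
  allow_insecure="$2"  # "yes" permits skipping verification
  if [ -n "$pem" ] && pem_cert_count "$pem" >/dev/null; then
    printf 'extra-ca %s\n' "$pem"
    return 0
  fi
  if [ "$allow_insecure" = "yes" ]; then
    printf 'insecure\n'
    return 0
  fi
  return 1
}

# Materialize the chain from the CI secret (if any) and run pixee with the
# selected trust mode. All pixee arguments are passed through unchanged.
run_pixee() {
  pem=""
  if [ -n "${PIXEE_CA_CHAIN_B64:-}" ]; then
    pem=$(mktemp)
    # GNU base64 flag; macOS accepts -d on recent releases, older ones use -D
    printf '%s' "$PIXEE_CA_CHAIN_B64" | base64 -d >"$pem"
  fi
  mode=$(tls_mode "$pem" "${PIXEE_ALLOW_INSECURE_TLS:-no}") || {
    echo "refusing to run pixee: no usable CA chain and insecure TLS not permitted" >&2
    return 1
  }
  case "$mode" in
    "extra-ca "*)
      NODE_EXTRA_CA_CERTS="${mode#extra-ca }" pixee "$@"
      ;;
    insecure)
      echo "WARNING: TLS verification disabled; the bearer token is exposed on this connection" >&2
      pixee --insecure "$@"
      ;;
  esac
}
```

In a pipeline you would call `run_pixee --server https://pixee.internal scan list` and let the job fail loudly when the secret is absent; the "insecure" branch only exists for the short-lived sandbox case the text describes and is never taken by default.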
The Pixee CLI ships with skills.sh-formatted skills that teach coding agents
(Claude Code, OpenAI Codex, and others) how to drive the CLI. The skills live under
skills/ and are licensed separately under the Apache License, Version 2.0.
Install every skill at once:
```sh
npx skills add pixee/pixee-cli --all
```

Omitting --all opens an interactive picker so you can choose which skills to install. Or add individual skills directly with `npx skills add pixee/pixee-cli --skill <name>`:

- `pixee-shared` — global flags, exit codes, error handling. Prerequisite for the others.
- `pixee-auth` — login, status, credential precedence, and fixing exit-code-2 failures.
- `pixee-api` — the `pixee api` escape hatch and HAL discovery.
- `pixee-preferences` — read and write Pixee organization preferences from files or stdin.
- `pixee-repo` — `pixee repo list` and the shared `--repo` resolution protocol.
- `pixee-scan` — `pixee scan list` and `pixee scan get`, with filters for repository, branch, detector tool, and analysis state.
- `pixee-finding` — `pixee finding list` (with `--stats` and filters across triage, fix, sca) and `pixee finding view`, scoped to a scan with per-finding analysis results inlined.
- `pixee-workflow` — workflow list/create/update/delete, event kinds, severity filters, and partial-update semantics.