Skip to content

Policyglass

CLI

clawlter/policyglass

CLI reference

`policyglass check`

Validate a directory tree against a policy file.

policyglass check TARGET --policy POLICY [--format text|json]

Arguments

TARGET: directory to scan

Options

--policy: YAML policy file to load
--format: output mode; one of text or json

Behavior

resolves both target and policy to absolute paths before running
exits with 1 when any finding exists
prints a concise text report by default
prints structured JSON when --format json is used
scans every file under the target tree, including the policy file itself if it lives under the target

`policyglass init`

Write a starter policy file.

policyglass init DESTINATION [--force]

Arguments

DESTINATION: file path to create

Options

--force: overwrite an existing file

Behavior

creates parent directories automatically
refuses to overwrite an existing file unless --force is provided

Output shape

Text

FAIL /repo
Scanned files: 3
Findings:
- forbidden_glob: secrets.pem — Path matches forbidden glob: *.pem

JSON

{
  "root": "/repo",
  "passed": false,
  "scanned_file_count": 3,
  "findings": [
    {
      "code": "forbidden_glob",
      "path": "secrets.pem",
      "message": "Path matches forbidden glob: *.pem"
    }
  ]
}