CLI Reference

Warden provides a command-line interface for running code analysis locally and managing your configuration.

Quick Start

# Set your API key
export WARDEN_ANTHROPIC_API_KEY=sk-ant-...

# Run analysis on uncommitted changes
warden

# Run on specific files
warden src/auth.ts src/api/*.ts

# Run on a git range
warden main..HEAD

Commands

warden

warden [target] [options]

Run code analysis on the specified target. If no target is given, analyzes uncommitted changes.

target — Files, directories, or git refs to analyze (optional)

# Analyze uncommitted changes (default)
warden

# Analyze specific files
warden src/auth.ts

# Analyze a directory
warden src/api/

# Analyze changes in a git range
warden HEAD~3..HEAD

warden init

Initialize Warden in your project. Creates a configuration file and GitHub workflow.

$ warden init

Created warden.toml
Created .github/workflows/warden.yml

Next steps:
  1. Add a skill: warden add <skill-name>
  2. Set WARDEN_ANTHROPIC_API_KEY in .env.local
  3. Add WARDEN_ANTHROPIC_API_KEY to repository secrets
  4. Commit and open a PR to test

warden add

warden add <skill-name>

Add a skill trigger to your configuration. The skill must already be installed.

skill-name — Name of the skill to add (required)

$ warden add security-review

Added trigger for security-review to warden.toml

warden setup-app

warden setup-app [--org <name>]

Create a GitHub App for Warden. This gives you a custom bot identity instead of the generic "github-actions" user.

--org <name> — Create the app for an organization instead of your personal account

# For a personal account
warden setup-app

# For an organization
warden setup-app --org your-org

Global Options

Option	Description
`--skill <name>`	Run a specific skill instead of using triggers from config
`--fix`	Automatically apply suggested fixes
`--json`	Output results as JSON
`--fail-on <level>`	Exit with error code if findings meet severity: `critical`, `high`, `medium`, `low`
`--config <path>`	Path to config file (default: `warden.toml`)
`--verbose`	Show detailed output
`--help`	Show help message
`--version`	Show version number

Target Types

Warden accepts different types of targets for analysis:

Files and Directories

Specify paths directly to analyze specific files or directories.

# Single file
warden src/auth.ts

# Multiple files
warden src/auth.ts src/api/users.ts

# Glob patterns
warden "src/**/*.ts"

# Directory (analyzes all files)
warden src/api/

Git References

Use git refs to analyze changes between commits.

# Changes in last 3 commits
warden HEAD~3

# Changes between branches
warden main..HEAD

# Changes since a specific commit
warden abc1234..HEAD

# Uncommitted changes (default)
warden

Environment Variables

Variable	Description
`WARDEN_ANTHROPIC_API_KEY`	Your Anthropic API key (required)

You can set this in a .env.local file in your project root for local development.

Examples

Pre-commit Check

Run before committing to catch issues early.

# Check uncommitted changes
warden --skill security-review

# Fix issues automatically
warden --skill security-review --fix

CI Integration

Use in CI scripts with JSON output and exit codes.

# Fail CI on high severity issues
warden --json --fail-on high > results.json

# Review the output
cat results.json | jq '.findings[] | select(.severity == "high")'

Review PR Changes

Analyze all changes in a feature branch.

# Compare against main branch
warden main..HEAD

# Verbose output for debugging
warden main..HEAD --verbose