{"schemaVersion":"opencli.cli.v1","slug":"grype","name":"Grype","shortName":"grype","binaryName":"grype","maker":{"slug":"anchore","name":"Anchore","type":"org","url":"https://anchore.com","officialPlatformMaker":true,"featuredBuilder":false},"category":"Security","description":"The official CLI from Anchore. Vulnerability scanning, sbom analysis, and policies from the terminal. Supports structured output — good for scripts and agents.","tagline":"Vulnerability scanning, sbom analysis, and policies from the terminal.","install":{"packageManager":"brew","command":"brew install grype","packageName":null,"npmPackage":null,"brewFormula":"grype","brewCask":null,"crateName":null,"pypiPackage":null,"goPackage":null,"dockerImage":null},"verify":{"command":"grype --version","signal":"grype responds locally and is ready for the first real command."},"quickStart":"grype dir:.","exampleWorkflow":["grype dir:."],"agent":{"readiness":{"label":"Great for agents","score":75,"reasons":["Structured output is available for parsing.","Supports non-interactive/scripted use.","Works well in CI or repeatable automation."],"guardrails":[]},"packUrl":"https://opencli.co/cli/grype/agent.md","packMarkdown":"# OpenCLI Agent Pack: Grype\n\nUse this when an AI agent needs to work with `grype`.\n\n## What this CLI is for\nThe official CLI from Anchore. Vulnerability scanning, sbom analysis, and policies from the terminal. Supports structured output — good for scripts and agents.\n\nBest for: vulnerability scanning, sbom analysis, and policies from the terminal.\n\n## Agent readiness\nGreat for agents (75/100)\n- Structured output is available for parsing.\n- Supports non-interactive/scripted use.\n- Works well in CI or repeatable automation.\n\n## Install\n```sh\nbrew install grype\n```\n\n## Verify before real work\n```sh\ngrype --version\n```\nExpected signal: grype responds locally and is ready for the first real command.\n\n## Safe starting commands\n```sh\ngrype --version\n```\n\n```sh\ngrype dir:.\n```\n\n## Guardrails for agents\n- Run the verify command first.\n- Summarize findings before taking actions with side effects.\n\n## Suggested agent instruction\nYou may use Grype (`grype`) for vulnerability scanning, sbom analysis, and policies from the terminal.. First install it if missing, then run the verify command. Start with read-only or inspection commands. Summarize what you found before changing anything. Ask for confirmation before commands that mutate remote state, spend money, deploy, delete data, merge code, or expose secrets.\n\nSource: OpenCLI\n"},"fit":{"bestFor":"vulnerability scanning, sbom analysis, and policies from the terminal.","useThisIf":"You want security scanning you can script with structured output.","skipIf":"You don't work with security scanning.","whatHappensNext":"Run `grype dir:.` and see what comes back."},"capabilities":{"agentFriendly":true,"supportsJsonOutput":true,"supportsNonInteractive":true,"supportsDryRun":false,"requiresAuth":false,"requiresNetwork":false,"ciFriendly":true,"localFirst":false,"destructivePotential":"low"},"taxonomy":{"useCases":["Vulnerability scanning","SBOM analysis","Policies"],"aliases":["vuln cli"],"keywords":["vulnerability scan sbom"],"tags":["official","agent-friendly","ci-friendly","json-output"]},"links":{"website":"https://github.com/anchore/grype","github":"https://github.com/anchore/grype","docs":"https://github.com/anchore/grype","opencli":"https://opencli.co/cli/grype","markdown":"https://opencli.co/cli/grype/agent.md","json":"https://opencli.co/cli/grype.json"},"metrics":{"githubStars":12348,"latestRelease":"2026-06-05T16:09:58Z","license":"Apache-2.0","metricLabel":"Homebrew installs (30d)","metricValue":2141,"metricSource":"homebrew","metricAsOf":"2026-06-08T11:00:52.159Z"}}