> ## Documentation Index
> Fetch the complete documentation index at: https://docs.pipefort.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Overview

> pipefort is a single Go binary that scans GitHub Actions workflows for CI/CD risks.

The CLI is the original surface for Pipefort's scan engine. It targets a single repo at a time — local directory or remote GitHub URL — and writes findings to your terminal or stdout in JSON. It runs entirely offline (other than fetching a remote repo via `git clone`), making it well-suited for CI gating and pre-commit hooks.

## When to reach for the CLI

<CardGroup cols={2}>
  <Card title="Pre-commit / IDE checks" icon="code">
    Scan the working copy of a repo you're editing locally.
  </Card>

  <Card title="CI gating" icon="circle-check">
    Run as a GitHub Actions step that fails the build on findings at or above a chosen severity.
  </Card>

  <Card title="Auditing a single repo" icon="magnifying-glass">
    Point `-g owner/repo` at any public GitHub repo and get a posture report in seconds.
  </Card>

  <Card title="Triage + auto-fix" icon="wrench">
    Run with `--fix` to have the scanner rewrite YAML in place for fixable categories.
  </Card>
</CardGroup>

## When to use the web app instead

The CLI scans **one repo at a time** and persists nothing. For continuous, multi-repo visibility — historical trends, organization-wide posture, deep links from the dashboard back to GitHub — use the [web app](/webapp/overview).

## Next

<CardGroup cols={2}>
  <Card title="Installation" icon="download" href="/cli/installation">
    Download and install the binary for your platform.
  </Card>

  <Card title="Usage" icon="terminal" href="/cli/usage">
    Examples for local, remote, single-file, and JSON output.
  </Card>
</CardGroup>
