Deep Scan

Inkog Deep is an advanced orchestrator-based security analysis that goes beyond the standard Core scan. It uses an AI orchestrator to perform deeper analysis with enriched context, producing an agent profile, compliance mapping, and a premium HTML report.

Usage

# Deep scan your agent code
inkog -deep .
 
# Deep scan with HTML report
inkog -deep -output html . > deep-report.html
 
# Deep scan with JSON output
inkog -deep -output json . > deep-results.json
 
# Deep scan with SARIF output
inkog -deep -output sarif . > deep-results.sarif

Core vs Deep

Output Format Differences

Deep scans produce richer output across all formats:

• Text: Header shows “Inkog Deep” instead of “Inkog Core”, plus a Strengths section listing passing security checks
• HTML: Completely different premium report with Agent Profile, Severity Overview, Clean Detections, Compliance Summary, and Methodology sections
• JSON: Includes a deep_report object with agent_profile, clean_detections, compliance_summary, methodology, and severity_summary
• SARIF: Standard SARIF structure with findings from the deep analysis

How It Works

1. The CLI uploads redacted code to POST /v1/scan/deep
2. The server returns a scanID
3. The CLI polls GET /v1/scan/deep/{scanID} every 5 seconds
4. The AI orchestrator analyzes the code with enriched context
5. Results are returned when analysis completes (up to 30 minute timeout)

Combining with Other Options

All standard flags work with -deep:

# Deep scan with policy filtering
inkog -deep -policy low-noise .
 
# Deep scan with severity threshold
inkog -deep -severity high .
 
# Deep scan with verbose output
inkog -deep -verbose .