Skip to Content
Free during beta·npx -y @inkog-io/cli scan .·Get API Key →
Getting StartedInstallation

Installation

Choose the installation method that works best for your workflow.

npx (No Install Required)

The fastest way to get started. Requires only Node.js 18+:

Terminal
$npx -y @inkog-io/cli scan .

This downloads the Inkog binary on first run and caches it at ~/.inkog/bin/ for future use. No global install needed.

To use a pre-installed binary (e.g., in corporate environments), set INKOG_BINARY_PATH=/path/to/inkog before running.

One-line installer for permanent installation. Works on macOS, Linux, and Windows (WSL).

Terminal
$curl -fsSL https://inkog.io/install.sh | sh

This script will:

  1. Download a pre-built binary for your platform (fastest)
  2. Fall back to go install if binaries aren’t available
  3. Add inkog to your PATH

Pre-built binaries are available for macOS (Intel & Apple Silicon), Linux (x86_64 & ARM64), and Windows.

Binary Download

Download pre-built binaries directly from GitHub Releases :

PlatformArchitectureBinary
macOSApple Silicon (M1/M2/M3)inkog-darwin-arm64
macOSIntelinkog-darwin-amd64
Linuxx86_64inkog-linux-amd64
LinuxARM64inkog-linux-arm64
Windowsx86_64inkog-windows-amd64.exe
# Example: Download and install on macOS Apple Silicon
curl -LO https://github.com/inkog-io/inkog/releases/latest/download/inkog-darwin-arm64
chmod +x inkog-darwin-arm64
sudo mv inkog-darwin-arm64 /usr/local/bin/inkog

Go Install

Requires Go 1.21 or later.

Terminal
$go install github.com/inkog-io/inkog/cmd/inkog@latest

If you get a “module not found” error, use:

GOPROXY=direct go install github.com/inkog-io/inkog/cmd/inkog@latest

Ensure $GOPATH/bin is in your PATH.

Homebrew (macOS/Linux)

brew tap inkog-io/inkog
brew install inkog

Verify Installation

Terminal
$inkog --version
inkog version 1.0.0 (darwin/arm64)

Build from Source

# Clone repository
git clone https://github.com/inkog-io/inkog.git
cd inkog
 
# Build
go build -o inkog ./cmd/inkog
 
# Install to PATH
sudo mv inkog /usr/local/bin/

GitHub Action

Add Inkog to your CI pipeline:

.github/workflows/security.yml
name: Security Scan
 
on: [push, pull_request]
 
jobs:
  inkog:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
 
      - name: Run Inkog Scanner
        uses: inkog-io/inkog-action@v1
        with:
          severity: critical,high
          format: sarif
          output: results.sarif
 
      - name: Upload SARIF
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: results.sarif

Pre-commit Hook

.pre-commit-config.yaml
repos:
  - repo: https://github.com/inkog-io/inkog
    rev: v1.0.0
    hooks:
      - id: inkog
        args: ['--severity', 'critical,high', '--fail-on-findings']

API Key Setup (Cloud Scanning)

To use Inkog with cloud features (scan history, dashboard analytics, team collaboration):

  1. Create a free account at app.inkog.io 
  2. Navigate to Dashboard → API Keys
  3. Click Generate New Key and copy your API key
  4. Configure the CLI:
# Set your API key
export INKOG_API_KEY=your-api-key-here
 
# Or add to your shell profile
echo 'export INKOG_API_KEY=your-api-key-here' >> ~/.bashrc

An API key is required for all scans. Get your free key at app.inkog.io .

Verify Your Installation

Terminal
$inkog scan --help
Scan a directory or repository for AI agent logic flaws and security risks Usage: inkog scan [path] [flags] Flags: --config string Config file (default ".inkog.yaml") --format string Output format: text, json, sarif, markdown (default "text") -h, --help Help for scan --ignore strings Patterns to ignore (glob format) -o, --output string Output file path --repo string Remote Git repository URL --severity strings Filter by severity: critical, high, medium, low --fail-on-findings Exit with code 1 if findings detected

Next Steps

Configuration

Learn how to customize Inkog with config files, rule exclusions, and more.

Learn more
Last updated on
QuickstartConfiguration