{"id":49142479,"url":"https://github.com/nerdalytics/owl","last_synced_at":"2026-04-22T01:33:47.417Z","repository":{"id":352086437,"uuid":"1213591247","full_name":"nerdalytics/owl","owner":"nerdalytics","description":"Name an issue type. Owl `scan`s any local files for evidence-anchored findings, then refuses to trust its own report until `check` reproduces each one.","archived":false,"fork":false,"pushed_at":"2026-04-17T20:31:13.000Z","size":19,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"trunk","last_synced_at":"2026-04-17T21:22:50.199Z","etag":null,"topics":["agent-loop","auditing","claude-code","meta-prompting"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nerdalytics.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-04-17T14:44:09.000Z","updated_at":"2026-04-17T20:31:16.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/nerdalytics/owl","commit_stats":null,"previous_names":["nerdalytics/owl"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/nerdalytics/owl","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nerdalytics%2Fowl","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nerdalytics%2Fowl/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nerdalytics%2Fowl/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nerdalytics%2Fowl/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nerdalytics","download_url":"https://codeload.github.com/nerdalytics/owl/tar.gz/refs/heads/trunk","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nerdalytics%2Fowl/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32117411,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-22T00:31:26.853Z","status":"ssl_error","status_checked_at":"2026-04-22T00:30:22.894Z","response_time":128,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent-loop","auditing","claude-code","meta-prompting"],"created_at":"2026-04-22T01:33:45.176Z","updated_at":"2026-04-22T01:33:47.399Z","avatar_url":"https://github.com/nerdalytics.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Owl\n\nOwl audits local files for a named issue type, then verifies every finding by reproducing it with a test.\n\n[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE)\n[![Powered by Claude Code](https://img.shields.io/badge/Powered%20by-Claude%20Code-D97757.svg)](https://github.com/anthropics/claude-code)\n\nOwl is a single fish-shell function that wraps the `claude` CLI. It has two subcommands: `scan` and `check`.\n\n## How it works\n\n`scan` passes each file to `claude` in isolation and writes a report next to it. Findings must cite a specific line. Anything without a line reference gets dropped.\n\n`check` reads that report and asks `claude` to reproduce each finding with a test. Only a passing test marks the finding `CONFIRMED`. Three attempts, then `NOT CONFIRMED` and move on. No severity scores.\n\nRuns are resumable. Owl writes progress to a markdown file as it runs, so an interrupted scan picks up where it left off. If Claude hits a rate limit, Owl parses the reset time and waits.\n\n## Install\n\nRequires the `claude` CLI on `$PATH` and fish.\n\n```fish\ncurl -o ~/.config/fish/functions/owl.fish https://raw.githubusercontent.com/nerdalytics/owl/trunk/owl.fish\n```\n\n## Usage\n\n```fish\nowl scan vulnerability\nowl scan \"memory leak\" --include py --include js\nowl scan sqli src/ --exclude test.py\nowl scan vulnerability src/auth.py\nowl scan vulnerability --resume\n\nowl check vulnerability\nowl check xss --resume\n\nowl list\nowl list vulnerability\n```\n\n## Flags\n\n| Flag | What it does |\n|---|---|\n| `-d, --depth N` | Max directory depth (default: 10) |\n| `--include EXT` | Include files by extension (repeatable, `scan` only) |\n| `--exclude SUFFIX` | Exclude files by suffix (repeatable, `scan` only) |\n| `-i, --ignore BOOL` | Respect `.gitignore` and `.ignore` files (default: true) |\n| `--effort VALUE` | Claude effort level (default: max) |\n| `--permission-mode` | `acceptEdits`, `plan`, `default`, `auto`, `dontAsk` |\n| `--no-memory` / `--memory` | Toggle Claude auto-memory and skills (`scan` defaults off, `check` defaults on) |\n| `--state-file PATH` | Progress file (default: `.owl-scn-\u003cslug\u003e.md` or `.owl-chk-\u003cslug\u003e.md`) |\n| `--resume` | Resume from progress file |\n| `--retry-delay N` | Extra seconds after rate-limit reset (default: 1) |\n\n## Prompt injection\n\nFile contents are passed to `claude` as data, not instructions. Owl's system prompt forbids Claude from acting on directives inside the files. Injection attempts get reported as findings rather than executed.\n\n## License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnerdalytics%2Fowl","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnerdalytics%2Fowl","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnerdalytics%2Fowl/lists"}