An open API service indexing awesome lists of open source software.

https://github.com/nerdalytics/owl

Name an issue type. Owl `scan`s any local files for evidence-anchored findings, then refuses to trust its own report until `check` reproduces each one.

Topics: agent-loop, auditing, claude-code, meta-prompting

Last synced: 22 days ago

README

# Owl

Owl audits local files for a named issue type, then verifies every finding by reproducing it with a test.

[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE)
[![Powered by Claude Code](https://img.shields.io/badge/Powered%20by-Claude%20Code-D97757.svg)](https://github.com/anthropics/claude-code)

Owl is a single fish-shell function that wraps the `claude` CLI. It has two subcommands: `scan` and `check`.

## How it works

`scan` passes each file to `claude` in isolation and writes a report next to it. Findings must cite a specific line. Anything without a line reference gets dropped.

`check` reads that report and asks `claude` to reproduce each finding with a test. Only a passing test marks the finding `CONFIRMED`. Three attempts, then `NOT CONFIRMED` and move on. No severity scores.

Runs are resumable. Owl writes progress to a markdown file as it runs, so an interrupted scan picks up where it left off. If Claude hits a rate limit, Owl parses the reset time and waits.
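To make the scan loop described above concrete, here is an added example in POSIX sh that is not Owl's own code (the real tool is a fish function wrapping the `claude` CLI). It shows the three behaviours the section names: each file is audited in isolation with its report written next to it, candidate findings without a `file:line` reference are dropped, and a markdown progress file makes a re-run skip files that were already scanned. The stand-in `fake_claude` function, the constructed sample files, the `- [x] path` checklist format and the `.owl.md` report suffix are assumptions for this example, not taken from the project.

```shell
#!/bin/sh
# Added example, not Owl's own code: a resumable scan loop sketched in POSIX sh.
# Assumptions (not from the Owl README): the auditor is a stand-in function
# `fake_claude` that returns constructed findings, the progress file is a
# markdown checklist, and an "evidence-anchored" finding is a line of the form
# "<file>:<line>: <text>". A real wrapper would call the `claude` CLI instead.
set -eu

WORK=$(mktemp -d)
STATE="$WORK/.owl-scn-example.md"   # progress file (constructed name)

# Constructed sample inputs: three small files to audit.
printf 'query = "SELECT * FROM users WHERE id=" + uid\n' > "$WORK/a.py"
printf 'x = 1\n' > "$WORK/b.py"
printf 'print(open(path).read())\n' > "$WORK/c.py"

# Stand-in for `claude`: prints one candidate finding per line. The second
# line for a.py deliberately lacks a line reference and must be dropped.
fake_claude() {
  case "$1" in
    *a.py) printf '%s:1: SQL query built by string concatenation\nthe file looks risky overall\n' "$1" ;;
    *b.py) printf 'nothing found\n' ;;
    *c.py) printf '%s:1: file read from an unvalidated path\n' "$1" ;;
  esac
}

# Keep only findings that cite file:line; everything else is discarded.
anchored_only() {
  grep -E '^[^:]+:[0-9]+: ' || true
}

# True when the progress file already records this file from an earlier run.
already_done() {
  [ -f "$STATE" ] && grep -qxF -- "- [x] $1" "$STATE"
}

# Audit one file in isolation, write its report next to it, record progress.
scan_one() {
  f=$1
  if already_done "$f"; then
    return 0
  fi
  fake_claude "$f" | anchored_only > "$f.owl.md"
  printf -- '- [x] %s\n' "$f" >> "$STATE"
}

# Scan every .py file in a directory; re-running resumes from the progress file.
scan_dir() {
  for f in "$1"/*.py; do
    scan_one "$f"
  done
}

# Number of anchored findings in a report file.
count_findings() {
  wc -l < "$1" | tr -d ' '
}

scan_dir "$WORK"
```

Running the block once produces one anchored finding each for `a.py` and `c.py` and none for `b.py`; the unanchored "looks risky overall" line never reaches a report. Calling `scan_dir "$WORK"` a second time does no work at all, because every file is already checked off in the progress file, which is the property that lets an interrupted run pick up where it left off.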

## Install

Requires the `claude` CLI on `$PATH` and fish.

```fish
curl -o ~/.config/fish/functions/owl.fish https://raw.githubusercontent.com/nerdalytics/owl/trunk/owl.fish
```

## Usage

```fish
owl scan vulnerability
owl scan "memory leak" --include py --include js
owl scan sqli src/ --exclude test.py
owl scan vulnerability src/auth.py
owl scan vulnerability --resume

owl check vulnerability
owl check xss --resume

owl list
owl list vulnerability
```

## Flags

| Flag | What it does |
|---|---|
| `-d, --depth N` | Max directory depth (default: 10) |
| `--include EXT` | Include files by extension (repeatable, `scan` only) |
| `--exclude SUFFIX` | Exclude files by suffix (repeatable, `scan` only) |
| `-i, --ignore BOOL` | Respect `.gitignore` and `.ignore` files (default: true) |
| `--effort VALUE` | Claude effort level (default: max) |
| `--permission-mode` | `acceptEdits`, `plan`, `default`, `auto`, `dontAsk` |
| `--no-memory` / `--memory` | Toggle Claude auto-memory and skills (`scan` defaults off, `check` defaults on) |
| `--state-file PATH` | Progress file (default: `.owl-scn-.md` or `.owl-chk-.md`) |
| `--resume` | Resume from progress file |
| `--retry-delay N` | Extra seconds after rate-limit reset (default: 1) |

## Prompt injection

File contents are passed to `claude` as data, not instructions. Owl's system prompt forbids Claude from acting on directives inside the files. Injection attempts get reported as findings rather than executed.

## License

MIT