CLI
A thin Rust client over the brin API. No SDK, no auth, no signup. A single command returns a score, verdict, and threat data.
## Install

### via npm

```shell
npm install -g brin
```

### via shell script

```shell
curl -fsSL https://brin.sh/install.sh | sh
```

## Usage

```shell
brin check <origin>/<identifier>
```

Before your agent acts on any external context, make a single call. brin returns a score, verdict, and any detected threats.
### Packages

```shell
brin check npm/express
brin check npm/lodash@4.17.21
brin check pypi/requests
brin check crate/serde
```

```json
{
  "origin": "npm",
  "name": "express",
  "score": 81,
  "confidence": "medium",
  "verdict": "safe",
  "tolerance": "conservative",
  "scanned_at": "2026-02-25T09:00:00Z",
  "url": "https://api.brin.sh/npm/express"
}
```

### Repositories

```shell
brin check repo/expressjs/express
```

### MCP servers

```shell
brin check mcp/modelcontextprotocol/servers
```

### Agent skills

```shell
brin check skill/owner/repo
```

### Domains and pages

```shell
brin check domain/example.com
brin check page/example.com/login
```

### Commits

```shell
brin check commit/owner/repo@abc123def
```

## Flags
| Flag | Description |
|---|---|
| `--details` | Include sub-scores (identity, behavior, content, graph) |
| `--webhook <url>` | Receive tier-completion events as the deep scan progresses |
| `--headers` | Print only the X-Brin-* response headers instead of the JSON body |
### --details

```shell
brin check npm/express --details
```

```json
{
  "origin": "npm",
  "name": "express",
  "score": 81,
  "verdict": "safe",
  "sub_scores": {
    "identity": 95.0,
    "behavior": 40.0,
    "content": 100.0,
    "graph": 30.0
  }
}
```

### --webhook
brin runs a 3-tier analysis — the LLM tier takes 20–30s. Pass a webhook URL to receive results as each tier completes rather than waiting:
```shell
brin check npm/express --webhook https://your-server.com/brin-callback
```

Events posted to your endpoint:

| Event | Description |
|---|---|
| `tier1_complete` | Identity + registry metadata done |
| `tier2_complete` | Static analysis done |
| `tier3_complete` | LLM threat analysis done |
| `scan_complete` | Final score with graph analysis |
### --headers

For fast, scriptable checks without JSON parsing:

```shell
brin check npm/express --headers
```

```text
X-Brin-Score: 81
X-Brin-Verdict: safe
X-Brin-Confidence: medium
X-Brin-Tolerance: conservative
```

Flags can be combined:

```shell
brin check npm/express --details --webhook https://your-server.com/cb
```

## What we score
Six types of external context that agents consume autonomously — each with a distinct threat model and scoring methodology.
| Origin | Example | Threats detected |
|---|---|---|
| npm / pypi / crate | `npm/express` | Install-time attacks, credential harvesting, typosquatting |
| domain / page | `domain/example.com` | Prompt injection, phishing, cloaking, exfiltration via hidden content |
| repo | `repo/owner/repo` | Agent config injection, malicious commits, compromised dependencies |
| skill | `skill/owner/repo` | Description injection, output poisoning, instruction override |
| mcp | `mcp/owner/server` | Tool shadowing, schema abuse, silent capability escalation |
| commit | `commit/owner/repo@sha` | PR injection, security sabotage, backdoor introduction |
## How it works
Before your agent acts on any external context, brin returns a score, verdict, and any detected threats. Pre-scanned results return in under 10ms — fast enough to sit in the critical path of every agent action, no queues, no cold starts.
```text
brin check npm/express
        |
        v
GET https://api.brin.sh/npm/express
        |
        v
score · verdict · threats
```

If brin is unreachable, the agent continues as normal — zero risk to your existing workflow.
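
An added example (not part of brin or its documentation): a POSIX shell gate that parses the `--headers` output shown earlier and makes the unreachable case an explicit choice between failing closed and failing open. The function names, the minimum-score argument and the assumption that a failed `brin check` exits non-zero or prints no headers belong to this example; `safe` is the only verdict string taken from the page.

```shell
#!/bin/sh
# Added example, not brin's own code. Only the "safe" verdict appears on the
# page, so every other verdict string is treated as a denial.

# header_value NAME: read header lines on stdin, print the value of NAME
# (case-insensitive name, trailing CR and surrounding blanks removed).
header_value() {
    awk -v want="$1" '
        BEGIN { want = tolower(want) }
        {
            sub(/\r$/, "")
            i = index($0, ":")
            if (i == 0 || tolower(substr($0, 1, i - 1)) != want) next
            val = substr($0, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            print val
            exit
        }'
}

# brin_decide HEADERS MIN_SCORE: print allow, deny or unknown.
brin_decide() {
    score=$(printf '%s\n' "$1" | header_value X-Brin-Score)
    verdict=$(printf '%s\n' "$1" | header_value X-Brin-Verdict)
    # Missing or non-integer score, or no verdict: no usable answer.
    case $score in
        ''|*[!0-9]*) echo unknown; return 0 ;;
    esac
    if [ -z "$verdict" ]; then
        echo unknown
    elif [ "$verdict" = safe ] && [ "$score" -ge "$2" ]; then
        echo allow
    else
        echo deny
    fi
}

# brin_gate TARGET MIN_SCORE [ON_UNKNOWN]: status 0 only when allowed.
# ON_UNKNOWN defaults to deny (fail closed); pass allow to fail open.
brin_gate() {
    headers=$(brin check "$1" --headers 2>/dev/null) || headers=
    decision=$(brin_decide "$headers" "$2")
    if [ "$decision" = unknown ]; then
        decision=${3:-deny}
    fi
    [ "$decision" = allow ]
}
```

Used as `brin_gate npm/express 70 && npm install express`, the install runs only on a `safe` verdict with a score of at least 70 (a threshold chosen here for illustration).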
## Environment variables

| Variable | Default | Description |
|---|---|---|
| `BRIN_API_URL` | `https://api.brin.sh` | Override the API endpoint |
## Local development

```shell
git clone https://github.com/superagent-ai/brin
cd brin
cargo build
cargo test
```