Commands
Every command follows the same pattern: sarix <command> <file> [options]
review
Full code review with severity-tagged issues.
$ sarix review src/main.py
$ sarix review src/main.py --provider anthropic
$ sarix review src/main.py -c "This handles user uploads"
Output sections: Summary, Issues (crit/warn/info), Suggestions.
The -c, --context flag is also available on bugs, security, docs, explain, and refactor. It passes extra context to the model (purpose of the file, threat model, constraints) before analysis.
bugs
Focused bug detection - logic errors, race conditions, resource leaks, edge cases.
$ sarix bugs lib/parser.py
Output sections: Bugs Found, Risk Assessment.
security
Security audit with CWE IDs, OWASP mapping, and remediation code.
$ sarix security src/auth.py
$ sarix security src/auth.py -c "Public endpoint, handles auth tokens"
$ sarix security src/auth.py --pipeline ollama/llama3:openai/gpt-5.4
--pipeline TRIAGE:VERIFY
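Security-only flag. Two-stage run: a fast/cheap triage model flags suspicious regions, then a stronger verify model analyses only the flagged sections. Typical savings: 70-85% vs. running the strong model on the whole file. Because the verify model sees only what triage flags, anything the triage model misses is not analysed further.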
Format: provider/model:provider/model
# Local triage -> cloud verify (cheap)
$ sarix security src/auth.py --pipeline ollama/llama3:openai/gpt-5.4
# Groq triage -> Claude verify (fast)
$ sarix security src/auth.py --pipeline groq/llama-3.3-70b-versatile:anthropic/claude-opus-4-6-20251101
# Same provider, two models
$ sarix security src/auth.py --pipeline openai/gpt-5.3-codex:openai/gpt-5.4
docs
Auto-generate docstrings and module documentation.
$ sarix docs utils/helpers.py
explain
Plain-language breakdown of complex code.
$ sarix explain legacy/processor.py
refactor
Refactoring suggestions with before/after diffs.
$ sarix refactor src/handlers.py
scan
Scan an entire directory with a progress bar.
$ sarix scan .
$ sarix scan src/ --task security
$ sarix scan . --ext .py .js
diff
Review only git-changed files.
$ sarix diff
$ sarix diff --staged --task security
benchmark
Test LLMs against a curated set of vulnerable code samples.
$ sarix benchmark
$ sarix benchmark --models gpt-5.4 llama3 --json
templates
Manage and run custom prompt templates.
$ sarix templates list
$ sarix templates run quick-review src/main.py
$ sarix templates add my-template
$ sarix templates delete my-template
login
Activate a trial or paid plan with your key. Get a free 3-day Pro trial key by signing in with GitHub at sarix.avixosec.xyz/account.html. No card or API key is needed: the trial runs on built-in models with Pro limits (150 verifications/day). One trial per account.
$ sarix login <key>
Run sarix logout to remove the key and return to your own provider.
trial
Prints where to get a trial key. Sign in with GitHub at sarix.avixosec.xyz/account.html, then run sarix login <key>.
$ sarix trial
After the trial ends, add a license key with sarix config to stay on Pro or Ultra. Plans and pricing: sarix.avixosec.xyz/#pricing.
config
Interactive provider setup. Arrow-key menu: pick a provider, enter credentials, save to ~/.sarix/config.json. Also where you add or change your license key.
$ sarix config
Supports OpenAI, Anthropic, Azure AI Foundry (Claude), Google Vertex AI, Ollama, and a Custom entry with presets for OpenRouter, Groq, Together, Mistral, xAI, Fireworks, DeepSeek, Perplexity, Cerebras, Cohere, and any OpenAI-compatible URL. After saving, the wizard offers to run health.
health
Check provider connectivity. Prints the active provider, masked credentials, and runs a lightweight connection test.
$ sarix health
$ sarix health --provider openrouter
On failure, outputs provider-specific troubleshooting (missing API key, unreachable host, wrong Azure deployment name, Ollama not running, etc.).
Global Flags
| Flag | Description |
|---|---|
| -p, --provider | Override default provider. Accepts openai, anthropic, google, ollama, or any custom label saved in config (e.g. openrouter, groq, azure). |
| -o, --output | Output format: markdown, json, plain, sarif |
| -v, --version | Show version |
Exit Codes
| Code | Meaning |
|---|---|
| 0 | Clean - no issues or only info-level findings |
| 1 | Warnings - high-severity issues found |
| 2 | Critical - critical-severity issues found |
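The exit codes above can drive a commit or CI gate. The following is an added example, not part of sarix itself: the function name sarix_gate, the threshold names warn and critical, and the choice to block on any exit code outside 0-2 are assumptions of this example.

```shell
#!/bin/sh
# Added example: gate a commit or CI job on the documented sarix exit codes
# (0 = clean, 1 = warnings, 2 = critical). Not part of the sarix project.

# sarix_gate <threshold> <command...>
#   threshold "warn"     -> block on exit code 1 or 2
#   threshold "critical" -> block only on exit code 2
# Returns 0 to allow, 1 to block. Any exit code outside 0-2 (scanner not
# installed, crash, provider unreachable) also blocks. That fail-closed
# policy is an assumption of this example, not documented sarix behaviour.
sarix_gate() {
    threshold=$1
    shift
    case $threshold in
        warn|critical) ;;
        *) echo "gate: unknown threshold '$threshold'" >&2; return 1 ;;
    esac

    rc=0
    "$@" || rc=$?   # capture the exit code without tripping 'set -e'

    case $rc in
        0) echo "gate: clean" >&2
           return 0 ;;
        1) if [ "$threshold" = warn ]; then
               echo "gate: warnings found, blocking" >&2
               return 1
           fi
           echo "gate: warnings found, allowed by threshold" >&2
           return 0 ;;
        2) echo "gate: critical findings, blocking" >&2
           return 1 ;;
        *) echo "gate: scanner exited with $rc, blocking (fail closed)" >&2
           return 1 ;;
    esac
}

# Typical use in .git/hooks/pre-commit, with the command from the diff section:
#   sarix_gate critical sarix diff --staged --task security || exit 1
```

Treating an unexpected exit code as a block keeps a missing or failing scanner from being read as a clean result.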