CLI
Command Reference

CLI Command Reference

Global configuration

Config lives at ~/.entelligence/config.json (created automatically, permissions locked to 0600 — owner read/write only). It stores your API key, org UUID, and GitHub token as they're set via auth login and related commands.

Resolution order (highest priority first) for any credential: CLI flag → matching environment variable → value saved in the config file.

Environment variableOverridesNotes
ENTELLIGENCE_API_KEYapi_key in configAlternative to entelligence auth login — set this for CI/non-interactive use
ENTELLIGENCE_TOKEN--token on reviewDistinct from ENTELLIGENCE_API_KEY — used specifically by review's --token flag
ENTELLIGENCE_ORG_UUIDorg_uuid in config / --org-uuidAlso accepted by entelligence incident --org-uuid
ENTELLIGENCE_ENDPOINT--endpoint on reviewAPI endpoint override, distinct from ENTELLIGENCE_BASE_URL below
ENTELLIGENCE_BASE_URLdefault API hostProduction default: https://entelligence.ddbrief.com. Set to http://localhost:8000 for local backend development
ENTELLIGENCE_APP_URLdefault web app hostUsed for the browser-based login flow. Default: https://app.entelligence.ai
ENTELLIGENCE_GITHUB_TOKEN / GITHUB_TOKEN / GH_TOKENgithub_token in configChecked in that order
ENTELLIGENCE_NO_AUTO_UPDATESet to disable the daily auto-update check

Auto-update also skips automatically in CI — detected via CI, GITHUB_ACTIONS, GITLAB_CI, BUILDKITE, JENKINS_URL, or TF_BUILD being set — and for editable/dev installs, where it prints a one-line notice instead of upgrading in place.

Exit codes: every command exits 1 on any failure (auth error, network error, git error, invalid input) and 0 on success — there's currently no distinct exit code to distinguish "ran fine, found issues" from "ran fine, found nothing." Script around output content (or --json where available) rather than the exit code alone if you need to branch on findings.


Auth

CommandDescription
entelligence auth loginAuthenticate — paste your API key, or opens a browser-based login against ENTELLIGENCE_APP_URL
entelligence auth statusShow current authentication status
entelligence auth logoutClear stored credentials

Review

Runs AI code review against your local git diff. See Reviewing from the CLI for a walkthrough.

FlagDefaultDescription
--base-branchmainBase branch to diff against
--endpoint (env ENTELLIGENCE_ENDPOINT)from configOverride the API endpoint for this run
--token (env ENTELLIGENCE_TOKEN)from configOverride the auth token for this run
--org-uuid (env ENTELLIGENCE_ORG_UUID)resolved server-sideOverride the org UUID for this run
--prioritymediumlow / medium / high — how aggressively findings are surfaced
--modeverboseconcise / verbose
--plainoffPlain, detailed text output — no rich terminal formatting
--prompt-onlyoffMinimal, token-efficient output, meant for piping into another agent
--repo-path.Path to the repo to review
--committed-onlyoffForce a committed-vs-base-branch diff instead of trying uncommitted changes first
--textualoffExperimental. Opens an interactive Textual file browser before reviewing
--mockoffExercise the UI with fake data — no API call, useful for scripting/demos
--debugoffPrint the raw request/response and write a log to ~/.entelligence/cli-debug.log
entelligence review --priority high --mode verbose
entelligence review --committed-only --base-branch develop
entelligence review --prompt-only   # feed straight into another agent

diff and status

CommandFlagsDescription
entelligence diff--file/-f <path> (required), --base-branch, --repo-pathShow the diff for a single file
entelligence status--base-branch, --repo-pathRepo and auth status summary

Security

Vulnerability scanning for a connected repo. Every subcommand supports --json for scripting.

CommandFlagsDescription
entelligence security scan <owner/repo>--branch, --force, --wait (polls every 15s, up to 10 min), --jsonKick off a scan
entelligence security status <scan_id>--jsonCheck progress (scan_status, progress_percentage, current_step)
entelligence security list [<owner/repo>]--limit (20), --status-filter, --jsonList recent scans
entelligence security summary <scan_id>--jsonScore + severity breakdown
entelligence security issues <scan_id>--severity (repeatable), --type (repeatable), --file, --rule, --limit (50), --offset (0), --jsonList individual findings, filterable
entelligence security suggest <scan_id> <rule_key> <owner/repo>--file, --jsonGet a suggested fix for one finding
entelligence security dashboard--scan-id, --jsonCurrent metrics, severity breakdown, vulnerability trend
entelligence security scan acme/payments-service --wait
entelligence security issues <scan_id> --severity critical --severity high --json
💡

security doesn't accept a global --org-uuid override — org is always resolved from your authenticated session.


Incident

AI-driven triage and remediation for recurring production error patterns ("Error Knowledge Units" / EKUs). See the /incident skill for an interactive workflow.

CommandFlagsDescription
entelligence incident list--status (active/dormant/all, default all), --repo, --verbose, --limit (50)Ranked list of error patterns by severity, then frequency
entelligence incident show <eku_id>Root cause and recommended fix for one pattern
entelligence incident logs <eku_id>--limit (20), --full, --jsonRaw, deduplicated production log samples
entelligence incident fix <eku_id> --repo <org/name>--watch (polls every 15s, up to 5 min), --yes/-yTrigger an automated fix — opens a PR
entelligence incident monitor--phase, --repo, --verboseList merged fixes currently being verified post-merge
entelligence incident track <job_id>--watchStatus of a fix job — classification, PR link, test results
entelligence incident refresh--verboseTrigger a fresh monitoring sweep

The whole group also accepts --org-uuid to target a specific org.

⚠️

fix is a write action — it opens a PR against the repo you specify. Unless you pass --yes, it prints the pattern, severity, and repo, then prompts "Trigger Fix Now?" (defaults to No — you must explicitly confirm).

entelligence incident list --status active --repo acme/payments-service
entelligence incident fix EKU-1842 --repo acme/payments-service --watch

Insights

Coding-agent usage analytics — see Agent Insights setup for the full walkthrough. Most subcommands are a thin passthrough to the open-source cinsights engine; sync and schedule are native to entelligence-cli.

CommandKey flagsDescription
entelligence insights setup--provider, --model, --base-url, --extra-headers, --digest, --validateConfigure the LLM used for local analysis. Omit provider/model to get an interactive prompt
entelligence insights index--source (local/entireio/phoenix), --hours (default 4380 ≈ 6 months), --force, -vIndex local session files — free, no LLM calls
entelligence insights analyze--limit (50), --concurrency (5), --min-score (0.0), --yes/-y, --tasks-onlyAnalyze indexed sessions. Prints a cost estimate and asks to confirm unless --yes
entelligence insights digest project <name>--daysGenerate a project digest
entelligence insights digest user <id>--daysGenerate a personal digest
entelligence insights serveLocal web dashboard at http://localhost:8100
entelligence insights sync--hours (168), --all, --no-index, --batch-size (100), --dry-runPush locally-computed metrics to your org's Agent Insights dashboard
entelligence insights schedule--at HH:MM (default 09:00), --removeInstall/remove a daily job that runs insights sync automatically
⚠️

Naming gotcha: cinsights (the underlying open-source tool) has its own schedule install/status/uninstall subcommand for scheduling local index+analyze. When invoked through entelligence insights schedule, the literal word schedule is intercepted by Entelligence's own native command first — so entelligence insights schedule install does not behave like cinsights schedule install. Only --at and --remove are supported through the entelligence wrapper.

What gets synced, and what doesn't: insights sync only pushes pre-computed metrics — token counts, tool-call names and counts, efficiency scores. It explicitly excludes raw context blobs and never sends tool input/output (which could contain code, commands, or secrets).

entelligence insights setup
entelligence insights index --source local --hours 8760
entelligence insights sync --dry-run   # see what would be pushed, without sending it
entelligence insights schedule --at 09:00

Wrapped

CommandFlagsDescription
entelligence wrapped--days, --no-syncGenerate your personal year-in-review coding-agent summary

Before anything is generated, prompts are redacted client-side: secrets matching AWS/OpenAI/GitHub/Slack key patterns, UUIDs, and long hex strings are stripped, each prompt is truncated to 500 characters, and the whole corpus is capped at 2,000 prompts / 500K characters. Only text you actually typed is used — never assistant responses or tool input/output. The backend re-redacts as a second layer of defense.


Troubleshooting

SymptomCauseFix
entelligence auth status shows not authenticatedNo API key in config or envRun entelligence auth login, or set ENTELLIGENCE_API_KEY
"No changes detected" on reviewNo uncommitted or committed diff foundCheck git status; use --committed-only --base-branch <branch> if your changes are already committed
Base URL not switching to local devENTELLIGENCE_BASE_URL not set / stale .envexport ENTELLIGENCE_BASE_URL=http://localhost:8000, or check .env in an editable install
Command hangs or times outNetwork issue reaching the APIRe-run with --debug (on review) to see the raw request, and check ~/.entelligence/cli-debug.log
Config permission errorsCorrupted ~/.entelligence/config.jsonrm ~/.entelligence/config.json && entelligence auth login
Changes to an editable/dev install aren't reflectedStale installuv tool uninstall entelligence-cli && make setup (from the CLI repo)
💡

Every command supports --help for the exact, current flag list on your installed version — e.g. entelligence review --help.