Skip to main content

Terminal table output

The default output format (--format table) is a colored terminal table with a summary box and pipeline recommendation.

Usage

shadowaudit --dir ./src --spec openapi.json --format table

Or simply (table is the default):

shadowaudit --dir ./src --spec openapi.json

Example output

╔══════════════════════════════════════════════╗
║ shadowaudit — Scan Report ║
╚══════════════════════════════════════════════╝
┌──────────┬────────┬───────────────────────────────────┬───────────────────────────────────┬──────┬──────┐
│ SEVERITY │ METHOD │ PATH │ FILE │ LINE │ AUTH │
├──────────┼────────┼───────────────────────────────────┼───────────────────────────────────┼──────┼──────┤
│ CRITICAL │ GET │ /api/debug/reset │ routes.js │ 21 │ NO │
├──────────┼────────┼───────────────────────────────────┼───────────────────────────────────┼──────┼──────┤
│ CRITICAL │ POST │ /api/test/seed │ routes.js │ 22 │ NO │
└──────────┴────────┴───────────────────────────────────┴───────────────────────────────────┴──────┴──────┘
┌─────────────────────────────────────────────┐
│ SCAN SUMMARY │
│ Total routes scanned : 7 │
│ Documented : 5 │
│ Undocumented : 2 │
│ ───────────────────────────────────────── │
│ 🔴 CRITICAL : 2 │
│ 🟡 HIGH : 0 │
│ 🔵 INFO : 0 │
└─────────────────────────────────────────────┘
⛔ Pipeline will FAIL — 2 critical shadow route(s) detected

Color coding

In a real terminal, severity cells are color-coded:

  • CRITICAL → red bold
  • HIGH → yellow bold
  • INFO → blue
  • METHOD → cyan
  • AUTH YES → green
  • AUTH NO → red

The recommendation line is also color-coded:

  • ⛔ Pipeline will FAIL → red bold (when critical findings exist)
  • ⚠️ Review required → yellow (when only HIGH findings exist)
  • ✓ No shadow API routes detected → green (when no findings)

Sorting

Findings are sorted:

  1. CRITICAL first, then HIGH, then INFO
  2. Alphabetical by path within the same severity