Query mode is Vigolium’s single-shot AI prompt execution mode. It sends a prompt template or inline prompt to an AI agent and returns structured output: no network scanning, no multi-phase orchestration. One AI call, one response.

What It Does

  • Loads a prompt template, enriches it with source code and database context, and sends it to the configured AI agent
  • The agent analyzes the provided context and returns structured JSON (findings or HTTP records)
  • Results are parsed and saved to the Vigolium database
  • No network scanning occurs: query mode purely analyzes what you give it
Query mode is not an agentic scan. It does not discover targets, send attack traffic, or iterate. It is a code analysis tool that leverages AI to find vulnerabilities, extract endpoints, or answer security questions from source code.

CLI Usage

Template-Based Execution

Run a built-in or custom prompt template against source code:
# Security code review
vigolium agent --prompt-template security-code-review --source ./src

# Endpoint discovery from a Django project
vigolium agent --prompt-template endpoint-discovery --source ~/projects/django-app

# Review specific files only
vigolium agent --prompt-template injection-sinks --source ./src --files db/query.go,api/handler.go

Custom Prompt File

Use your own Markdown prompt file with YAML frontmatter:
vigolium agent --prompt-file my-prompt.md --source ./src

Freeform Questions

Ask a security question without a template:
vigolium agent query "What are common JWT vulnerabilities?"

# With source context
vigolium agent query "What authentication mechanisms does this app use?" --source ./src

Stdin

Pipe a prompt from stdin:
echo "explain CSRF" | vigolium agent query --stdin

Dry Run

Render the full prompt without sending it to the agent, which is useful for debugging templates:
vigolium agent --prompt-template endpoint-discovery --source ./src --dry-run

List Templates and Agents

vigolium agent --list-templates
vigolium agent --list-agents

More Examples

# Code review with additional focus instructions
vigolium agent --prompt-template security-code-review --source ./src \
  --append "Pay special attention to deserialization and file upload handling"

# Use a specific agent backend
vigolium agent --prompt-template injection-sinks --source ./src --agent gemini

# Save agent output to a file
vigolium agent --prompt-template security-code-review --source ./src --output review-results.json

# Scope to a specific project
vigolium agent --prompt-template security-code-review --source ./src --project my-api

# Chain with jq to extract high-severity findings
vigolium agent --prompt-template security-code-review --source ./src --json \
  | jq '.[] | select(.severity == "high")'

# Detect hardcoded secrets in config files
vigolium agent --prompt-template secret-detection --source ./src --files config/,deploy/

Key Flags

Flag               Description
--prompt-template  Template ID to use (e.g., security-code-review, endpoint-discovery)
--prompt-file      Path to a custom prompt Markdown file
--source           Path to the source code directory
--files            Specific files to include, relative to --source (comma-separated)
--agent            Agent backend to use (overrides agent.default_agent from config)
--append           Extra text appended to the rendered prompt
--output           Write raw agent output to a file
--dry-run          Render the prompt without executing it
--source-label     Label for records ingested from agent output (e.g., agent-review)

API

POST /api/agent/run/query
{
  "agent": "claude",
  "prompt_template": "security-code-review",
  "source": "/path/to/repo",
  "files": ["main.go", "handlers.go"],
  "append": "Focus on authentication logic",
  "stream": true
}
At least one of prompt_template, prompt_file, or prompt is required. When stream is true, the response uses Server-Sent Events for real-time output.
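The request body above and the streamed response, as an added client example (this is not Vigolium's own code). The field names in the body come from the page; the base URL is a placeholder, the `data:`/`event:` line format is the standard Server-Sent Events framing rather than anything the page specifies, and the sample stream is constructed here to exercise the parser offline:

```python
"""Streaming client for POST /api/agent/run/query (added example, not Vigolium's own code).

Assumptions not stated on the page: the server is reachable at BASE_URL, events use
standard SSE framing ('event:' / 'data:' lines, blank line dispatches), and any
authentication is handled outside this snippet.
"""
import json
import urllib.request

BASE_URL = "http://127.0.0.1:8080"  # placeholder; point at your Vigolium instance


def build_query_request(agent, prompt_template, source, files=None, append=None, stream=True):
    """Build the JSON body for /api/agent/run/query with the field names the page documents."""
    if not prompt_template:
        raise ValueError("prompt_template (or prompt_file / prompt) is required")
    body = {
        "agent": agent,
        "prompt_template": prompt_template,
        "source": source,
        "stream": stream,
    }
    if files:
        body["files"] = list(files)
    if append:
        body["append"] = append
    return body


def parse_sse(lines):
    """Yield (event, data) pairs from an iterable of SSE text lines.

    Per the SSE spec: lines starting with ':' are comments, 'event:' names the event,
    consecutive 'data:' lines are joined with newlines, and an empty line dispatches
    the buffered event. A missing event name defaults to 'message'.
    """
    event, data = None, []
    for raw in lines:
        line = raw.rstrip("\r\n")
        if line == "":
            if data:
                yield (event or "message", "\n".join(data))
            event, data = None, []
            continue
        if line.startswith(":"):
            continue
        field, _, value = line.partition(":")
        value = value[1:] if value.startswith(" ") else value
        if field == "event":
            event = value
        elif field == "data":
            data.append(value)
    if data:  # flush a final event that lacked a trailing blank line
        yield (event or "message", "\n".join(data))


def run_query(body, base_url=BASE_URL):
    """POST the body and return the list of (event, data) pairs streamed back."""
    req = urllib.request.Request(
        f"{base_url}/api/agent/run/query",
        data=json.dumps(body).encode(),
        headers={"Content-Type": "application/json", "Accept": "text/event-stream"},
        method="POST",
    )
    with urllib.request.urlopen(req) as resp:
        lines = (chunk.decode("utf-8", "replace") for chunk in resp)
        return list(parse_sse(lines))


# Constructed sample stream in generic SSE framing (not captured from a Vigolium server)
SAMPLE_STREAM = [
    ": keep-alive\n",
    "event: progress\n",
    "data: rendering prompt\n",
    "\n",
    "data: {\"severity\": \"high\",\n",
    "data:  \"title\": \"SQL injection in db/query.go\"}\n",
    "\n",
    "event: done\n",
    "data: ok\n",
    "\n",
]

if __name__ == "__main__":
    body = build_query_request("claude", "security-code-review", "/path/to/repo",
                               files=["main.go", "handlers.go"],
                               append="Focus on authentication logic")
    print(json.dumps(body, indent=2))
    # Offline demonstration of the parser; replace with run_query(body) against a live server
    for name, payload in parse_sse(SAMPLE_STREAM):
        print(name, payload)
```

Multi-line `data:` payloads are joined before dispatch, so a JSON finding split across several `data:` lines arrives as one string that `json.loads` can parse.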

Use Cases

  • Code review: run security-code-review before deployment to catch injection sinks, hardcoded secrets, and auth bypasses
  • Endpoint discovery: extract API routes from source code (Express, Spring, Django, etc.) and ingest them as HTTP records for subsequent scanning
  • Secret detection: scan config files, deploy scripts, and environment templates for hardcoded credentials
  • CI/CD integration: a single AI call completes in seconds, making it suitable for pipeline gates
  • Triage questions: ask the agent about a specific vulnerability pattern or security concept
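A pipeline gate built on the `--json` output and the jq-style severity filter shown earlier, as an added example (not Vigolium's own code). It assumes, as the page's `.[] | select(.severity == "high")` filter implies, that the CLI prints a JSON array of finding objects with a string `severity` field; the severity ladder and the `title`/`file` keys in the constructed sample are assumptions, not documented output:

```python
"""CI gate over Vigolium query-mode findings (added example, not Vigolium's own code).

Assumed output shape: `vigolium agent ... --json` prints a JSON array of findings,
each with a "severity" string. The severity labels, and the "title"/"file" keys in
the sample below, are illustrative assumptions.
"""
import json
import subprocess
import sys

# Assumed severity ladder, lowest to highest; adjust to what your template emits
SEVERITY_ORDER = ["info", "low", "medium", "high", "critical"]


def severity_rank(label):
    """Map a severity label to an integer; unknown labels rank lowest (0)."""
    try:
        return SEVERITY_ORDER.index(str(label).lower())
    except ValueError:
        return 0


def blocking_findings(findings, threshold="high"):
    """Return the findings whose severity is at or above `threshold`."""
    cutoff = severity_rank(threshold)
    return [f for f in findings if severity_rank(f.get("severity")) >= cutoff]


def gate(raw_json, threshold="high"):
    """Decide the pipeline result from raw agent output.

    Returns (exit_code, blocking): 0 when nothing at or above the threshold was
    reported, 1 when something was, and 2 when the output is not a JSON array.
    Unparseable output fails closed instead of silently passing the gate.
    """
    try:
        findings = json.loads(raw_json)
    except json.JSONDecodeError:
        return 2, []
    if not isinstance(findings, list):
        return 2, []
    blocking = blocking_findings(findings, threshold)
    return (1 if blocking else 0), blocking


def run_review(source="./src", template="security-code-review"):
    """Invoke the CLI exactly as the page shows and return its stdout (needs vigolium on PATH)."""
    cmd = ["vigolium", "agent", "--prompt-template", template, "--source", source, "--json"]
    return subprocess.run(cmd, check=True, capture_output=True, text=True).stdout


# Constructed sample output in the shape the page's jq filter expects (not real findings)
SAMPLE_OUTPUT = json.dumps([
    {"severity": "high", "title": "SQL built with string concatenation", "file": "db/query.go"},
    {"severity": "low", "title": "Verbose error message", "file": "api/handler.go"},
    {"severity": "critical", "title": "Hardcoded cloud credential", "file": "deploy/env.tmpl"},
])


if __name__ == "__main__":
    # With a source path argument, run the real CLI; otherwise gate the constructed sample
    raw = run_review(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_OUTPUT
    code, blocking = gate(raw, threshold="high")
    for f in blocking:
        print(f"[{f.get('severity')}] {f.get('title')} ({f.get('file')})")
    sys.exit(code)
```

Run it as `python gate.py ./src` from a pipeline step; a non-zero exit fails the stage, and the threshold can be lowered to `medium` for stricter projects. Because query-mode findings are unverified (see Pros and Cons), treat a gate failure as a review trigger rather than proof of a vulnerability.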

Pros and Cons

Pros
  • Fast: single AI call, completes in seconds
  • Low cost: one prompt, one response
  • Deterministic scope: the same template produces consistent coverage
  • Good for CI/CD: predictable runtime, structured output
  • Works without a running target
  • Supports structured output schemas (findings, HTTP records)

Cons
  • No network scanning: code analysis only
  • Requires source code access for most templates
  • Findings are unverified (no live confirmation)
  • Limited to what the template asks for
  • Cannot discover runtime-only vulnerabilities
  • Freeform questions return unstructured text