Reporting
Basilisk supports 5 report formats for different use cases.
Formats
| Format | Flag | Use Case |
|--------|------|----------|
| HTML | -o html | Dark-themed interactive report with conversation replay |
| SARIF 2.1.0 | -o sarif | CI/CD integration with GitHub Code Scanning |
| JSON | -o json | Machine-readable, full metadata |
| Markdown | -o markdown | Documentation-ready, commit-friendly |
| PDF | -o pdf | Client deliverables (requires weasyprint) |
HTML Report
The default format. Generates a self-contained HTML file with:
- Executive summary with severity breakdown
- Expandable finding cards with full conversation replay
- OWASP LLM Top 10 mapping
- Recommendations for each finding
```bash
basilisk scan -t URL -o html
# Output: basilisk-reports/report.html
```
SARIF for CI/CD
SARIF 2.1.0 is the standard for static analysis results. Use it to integrate Basilisk into your CI/CD pipeline:
```yaml
# .github/workflows/ai-security.yml
- name: AI Security Scan
  run: |
    pip install basilisk-ai
    basilisk scan -t ${{ secrets.TARGET_URL }} \
      -o sarif --fail-on high
- name: Upload SARIF
  uses: github/codeql-action/upload-sarif@v3
  with:
    sarif_file: basilisk-reports/*.sarif
```
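To triage a SARIF 2.1.0 report locally before it is uploaded, the following added example (not part of Basilisk or its documentation) counts results per SARIF level and applies a threshold. The sample log, its rule ids and the `should_fail` helper are constructed for illustration; the threshold is expressed in SARIF levels, since how Basilisk maps its own severities to them is not stated here, and level resolution is simplified to explicit level, then rule default, then `warning`.

```python
import json

# SARIF 2.1.0 result levels, least to most severe.
LEVELS = ["none", "note", "warning", "error"]

# Constructed sample log; rule ids and messages are placeholders, not real scanner output.
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {
            "name": "example-scanner",
            "rules": [
                {"id": "EX001", "defaultConfiguration": {"level": "error"}},
                {"id": "EX002"},
            ],
        }},
        "results": [
            {"ruleId": "EX001", "message": {"text": "constructed finding A"}},
            {"ruleId": "EX002", "level": "note", "message": {"text": "constructed finding B"}},
            {"ruleId": "EX002", "message": {"text": "constructed finding C"}},
        ],
    }],
})

def effective_level(result, rules):
    """Explicit result level, else the rule's default level, else 'warning'."""
    if "level" in result:
        return result["level"]
    rule = rules.get(result.get("ruleId"), {})
    return rule.get("defaultConfiguration", {}).get("level", "warning")

def summarize(sarif_text):
    """Count results per level across all runs of a SARIF 2.1.0 log."""
    log = json.loads(sarif_text)
    if log.get("version") != "2.1.0":
        raise ValueError("not a SARIF 2.1.0 log")
    counts = dict.fromkeys(LEVELS, 0)
    for run in log.get("runs", []):
        driver = run.get("tool", {}).get("driver", {})
        rules = {r["id"]: r for r in driver.get("rules", [])}
        for result in run.get("results") or []:  # "results" may be absent or null
            counts[effective_level(result, rules)] += 1
    return counts

def should_fail(counts, threshold):
    """True if any result is at or above the threshold level (hypothetical gate)."""
    return any(counts[lvl] for lvl in LEVELS[LEVELS.index(threshold):])

if __name__ == "__main__":
    counts = summarize(SAMPLE_SARIF)
    print(counts, "fail:", should_fail(counts, "error"))
```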
Custom Output Directory
```bash
basilisk scan -t URL -o html --output-dir ./my-reports
```