DevOps toolbox for AI coding agents and developers
Quick Start • AI Agent Skills • Commands • Installation • Syncable Platform →
Syncable CLI (sync-ctl) is a DevOps toolbox that analyzes codebases, scans for security issues, validates infrastructure files, and deploys to cloud providers. It works standalone from the terminal or through AI coding agent skills — giving Claude Code, Codex, Gemini CLI, Cursor, and Windsurf the ability to run security scans, check for CVEs, lint Dockerfiles, and deploy services through natural conversation.
npx syncable-cli-skillsThis installs 11 skills (7 command + 4 workflow) into your AI coding agent. Then just ask:
- "assess this project" — full health check
- "scan for security issues" — secrets and credential detection
- "check for vulnerabilities" — CVE scanning across all dependencies
- "validate my Dockerfiles" — lint IaC files
- "deploy this service" — cloud deployment with preview
cargo install syncable-cli
sync-ctl analyze .One command installs skills for all major AI coding agents:
npx syncable-cli-skills| Agent | Install Path | Format |
|---|---|---|
| Claude Code | Plugin marketplace | SKILL.md with plugin.json |
| Codex | ~/.agents/skills/ |
SKILL.md directories |
| Gemini CLI | ~/.gemini/<profile>/skills/ |
SKILL.md directories |
| Cursor | .cursor/rules/ |
.mdc with alwaysApply |
| Windsurf | .windsurf/rules/ |
.md with trigger: always |
Command skills — atomic wrappers around sync-ctl commands:
| Skill | What it does |
|---|---|
syncable-analyze |
Detect tech stack, languages, frameworks, dependencies |
syncable-security |
Scan for secrets, hardcoded credentials, insecure patterns |
syncable-vulnerabilities |
Check dependencies for known CVEs across all ecosystems |
syncable-dependencies |
Audit licenses, production vs dev split, package details |
syncable-validate |
Lint Dockerfiles, Compose files, K8s manifests, Helm charts, Terraform |
syncable-optimize |
Analyze Kubernetes resource requests, limits, cost efficiency |
syncable-platform |
Authenticate, switch projects/environments, deploy to cloud |
Workflow skills — multi-step orchestrations with decision logic:
| Skill | What it does |
|---|---|
syncable-project-assessment |
Full health check: stack + security + vulnerabilities + dependencies |
syncable-security-audit |
Deep pre-deployment review with paranoid-mode scanning |
syncable-iac-pipeline |
Validate all IaC files + Kubernetes optimization |
syncable-deploy-pipeline |
End-to-end: auth → analyze → security gate → deploy + monitor |
Skills teach your AI agent to use sync-ctl with the --agent flag, which outputs compressed JSON instead of terminal formatting. The agent gets a summary with the key findings, plus a reference ID to retrieve full details on demand:
# Agent runs this (compressed output, ~2KB)
sync-ctl security . --mode balanced --agent
# Agent drills into details only when needed (paginated)
sync-ctl retrieve <ref_id> --query "severity:critical" --limit 10This keeps the agent's context window small while giving access to the full data.
sync-ctl analyze . # Human-readable matrix view
sync-ctl analyze . --agent # Compressed JSON for agentsDetects 260+ technologies across JavaScript, Python, Go, Rust, and Java ecosystems.
sync-ctl security . --mode balanced # Standard scan
sync-ctl security . --mode paranoid # Deep compliance audit| Mode | Speed | Use Case |
|---|---|---|
lightning |
Fastest | Pre-commit hooks |
fast |
Fast | Development |
balanced |
Standard | Default |
thorough |
Complete | PR reviews |
paranoid |
Maximum | Compliance audits |
sync-ctl vulnerabilities . # Scan all dependencies for CVEs
sync-ctl vulnerabilities . --severity high # Only high+ severityScans npm, pip, cargo, go, and Java dependencies. Automatically discovers and scans all subdirectories in monorepos.
sync-ctl validate . # Lint all IaC files
sync-ctl validate . --types dockerfile,compose # Specific types
sync-ctl validate . --types compose --fix # Auto-fix issues| Linter | What it checks | Rules |
|---|---|---|
| Hadolint | Dockerfiles | 60+ rules |
| Dclint | Docker Compose | 15 rules (8 auto-fixable) |
| Kubelint | K8s manifests | 63+ security & best-practice checks |
| Helmlint | Helm charts | 40+ rules |
sync-ctl deploy preview . # Get deployment recommendation (JSON)
sync-ctl deploy run . --provider hetzner --port 8080 --public # Deploy
sync-ctl deploy status <task_id> --watch # Monitor progress
sync-ctl deploy wizard # Interactive wizard (for humans)sync-ctl auth login # Authenticate with Syncable
sync-ctl project current # Show current context
sync-ctl org list # List organizations
sync-ctl project select <id> # Switch project
sync-ctl env select staging # Switch environmentcargo install syncable-cligit clone https://github.com/syncable-dev/syncable-cli.git
cd syncable-cli
cargo install --path .260+ technologies across 5 ecosystems
JavaScript/TypeScript — React, Vue, Angular, Next.js, Express, Nest.js, Fastify, and 40+ more
Python — Django, Flask, FastAPI, Celery, NumPy, TensorFlow, PyTorch, and 70+ more
Go — Gin, Echo, Fiber, gRPC, Kubernetes client, and 20+ more
Rust — Actix-web, Axum, Rocket, Tokio, SeaORM, and 20+ more
Java/Kotlin — Spring Boot, Micronaut, Quarkus, Hibernate, and 90+ more
This CLI is the foundation of the Syncable Platform — a complete DevOps solution that takes you from code to production:
- One-click deployments to AWS, GCP, Hetzner, or Azure
- Team collaboration with shared environments
- Monitoring & logs built-in
- Cost optimization recommendations
We love contributions! Whether it's bug fixes, new features, or documentation improvements.
git clone https://github.com/syncable-dev/syncable-cli.git
cd syncable-cli
cargo build
cargo test
cargo clippy && cargo fmtSee CONTRIBUTING.md for detailed guidelines.
This project is licensed under the GNU General Public License v3.0 (GPL-3.0).
See LICENSE for the full license text.
The Dockerfile linting functionality (src/analyzer/hadolint/) is a Rust translation
of Hadolint, originally written in Haskell by
Lukas Martinelli and contributors.
The Docker Compose linting functionality (src/analyzer/dclint/) is a Rust implementation
inspired by dclint by Sergey Kupletsky.
The Kubernetes manifest linting functionality (src/analyzer/kubelint/) is a Rust reimplementation
inspired by KubeLinter by StackRox / Red Hat.
The Helm chart linting functionality (src/analyzer/helmlint/) is a Rust implementation
inspired by the official Helm lint command.