vulkro intel
Threat-intelligence bundles shipped with Vulkro. Each subsystem maintains a small, curated catalogue baked into the binary (known-compromised npm packages, known-bad public Docker images, and similar). The catalogues are deliberately small: false-positive cost dominates the quiet false-negative gap. For breadth, overlay the GitHub Advisory feed and your own vendor advisory feeds.
Sub-commands
vulkro intel status
| Sub-command | Description |
|---|---|
status | Print the provenance for every shipped intel bundle: name, version, SHA-256 of the canonical bytes, entry count, and last-updated date. |
intel status flags
| Flag | Description | Default |
|---|---|---|
--format <FORMAT> | table (default) or json. | table |
Exit codes
0all bundles loaded.2internal error (bundle parse failure).
Example
vulkro intel status --format json | jq '.[].name'
Related
vulkro slopcheck- checks against the compromised-package data.- Dependencies and CVEs - the CVE bundle.
- Signing and trust roots - bundle provenance.