Documentation

Quick Start

reel runs in three modes. Start with the CLI, wire it into your AI client via MCP, or deploy the agent when you need continuous coverage in Kubernetes.

CLI

Open · No license required

One-shot scans from your terminal or CI pipeline. Scan images and running containers for vulnerabilities, crypto, and malware.

# Install

brew install getreeldev/tap/reel

# Scan an image

reel export sbom --image nginx:latest

# Vulnerability report

reel export sbom --image nginx:latest --scanners vuln

# Crypto inventory

reel export cbom --image nginx:latest

CLI Reference

Agent

Premium · License required

Deploy once in Kubernetes. Scans run continuously on schedule: SBOMs, forensic captures, and filesystem diffs archived to S3 automatically.

# Deploy

helm install reel oci://docker.io/getreel/helm

# Schedule via pod annotations

reel.io/schedule: |

@every 1h | upload sbom

@daily | upload cbom

@every 6h | upload malware

Agent Docs

Using an AI assistant?

reel start mcp exposes the same tools to Claude Code, Cursor, and Continue over MCP.

Tutorials

Vulnerability Scanning

SBOMs and CVE detection

Crypto Compliance

Algorithms, certs, and keys

Malware Detection

ClamAV filesystem scans

Incident Forensics

Memory, processes, files

Change Tracking

Filesystem layer diffs

Installation

All platforms, verification, offline mode

GitHub Action

Scan images in CI/CD pipelines

CI/CD Pipelines

GitLab, Jenkins, generic workflows

Configuration

Flags, env vars, Helm values

Requirements

Kubernetes, OS, CRIU, resources, storage sizing