RedVeil.ai | Autonomous Penetration Testing

The finding command group (alias: findings) lets you inspect, triage, and retest findings.

finding list

List findings for a project.

pentest-agent finding list <projectId>

Option	Description
`--status <status>`	Filter by status: `open`, `remediated`, `false positive`.

Retrieve a single finding by ID.

pentest-agent finding get <findingId>

Edit a finding's metadata. Alias: finding update.

pentest-agent finding edit <findingId> --severity 8 --status open

Option	Description
`--input <jsonOrFile>`	Inline JSON or `@file` containing the update payload.
`--title <value>`	Updated title.
`--description <value>`	Updated description.
`--evidence <value>`	Updated evidence text.
`--recommendations <value>`	Updated remediation recommendations.
`--impact <value>`	Updated impact statement.
`--references <csvOrJson>`	Reference URLs as CSV, JSON array, or `@file`.
`--severity <value>`	Numeric severity score.
`--source <value>`	Source label.
`--status <value>`	Finding status: `open`, `remediated`, `false positive`.
`--user-adjusted <trueOrFalse>`	Mark whether the finding was user-adjusted.
`--user-justification <value>`	Text justification for the user adjustment.

Mark a finding as a false positive with a justification.

pentest-agent finding false-positive <findingId> \
  --justification "This endpoint is behind a WAF rule and is not reachable."

Option	Required	Description
`--justification <text>`	Yes	Explanation of why the finding is a false positive.

Remove a previous user adjustment (e.g. un-mark a false positive) and reopen the finding.

pentest-agent finding unadjust <findingId>

Initiate a retest workflow for a single finding.

pentest-agent finding retest <findingId>

Start retesting all open findings for a project.

pentest-agent finding retest-all <projectId>

Generate a single-finding PDF report and return a signed download URL.

pentest-agent finding pdf <findingId>

Output:

{
  "findingId": "abc123",
  "downloadUrl": "https://..."
}