firmis list — List Detected Platforms
You’ve cloned a repo, inherited a project, or just installed a new tool. Before you scan anything, firmis list answers one question: what platforms are even here?
One line. Instant answer.
When to use this
Section titled “When to use this”- Quick orientation: Before running
scanordiscover, confirm which platforms Firmis will detect - Checking coverage: You added a new MCP server — run
listto verify Firmis picks it up - Scripting and automation: Use
--jsonto programmatically check which platforms are present before conditionally running platform-specific scans - Debugging a scan: If
scanseems to be skipping something, runlistfirst — if the platform isn’t listed, Firmis didn’t detect it
For the full picture — component names, file paths, dependencies, and model references — use firmis discover instead.
firmis list [options]Example output
Section titled “Example output”Terminal output
Section titled “Terminal output”Firmis — Detected PlatformsScanning: /Users/me/my-agent-project
claude 2 components mcp 4 components cursor 1 component
3 platforms detectedJSON output (--json)
Section titled “JSON output (--json)”[ { "platform": "claude", "components": 2 }, { "platform": "mcp", "components": 4 }, { "platform": "cursor", "components": 1 }]What each detected platform means for your security posture
Section titled “What each detected platform means for your security posture”| Platform | What it can access | Key threats |
|---|---|---|
claude | CLAUDE.md, tool definitions, permission scopes | Tool poisoning, overgrant permissions, hidden instructions |
mcp | Tool handlers, transport config, server manifests | Prompt injection, data exfiltration, path traversal |
cursor | .cursorrules, workspace settings | Rule hijacking, exfiltration via completions |
codex | Plugin manifests, tool definitions | Supply chain, malicious plugin logic |
crewai | Agent configs, task chains | Agent-to-agent injection, tool misuse |
autogpt | Plugin manifests, command handlers | Unauthorized command execution |
openclaw | Skill definitions, skill handlers | Credential harvesting, network abuse |
nanobot | Plugin configs, tool handlers | File system abuse, insecure config |
The more platforms in your project, the wider your attack surface. A project with claude + mcp + cursor has three distinct threat surfaces, each with their own detection rules.
Options
Section titled “Options”| Flag | Type | Default | Description |
|---|---|---|---|
--json | boolean | false | Output as JSON array — useful for scripting or piping into other tools |
Examples
Section titled “Examples”List detected platforms
Section titled “List detected platforms”npx firmis listJSON output for scripting
Section titled “JSON output for scripting”npx firmis list --jsonConditionally scan only if MCP is present
Section titled “Conditionally scan only if MCP is present”npx firmis list --json | jq -e '.[] | select(.platform == "mcp")' && \ npx firmis scan --platform mcp --fail-on high