Update README.md

r0path · web-flow · commit 6ff55a8aaf02 · 2025-08-11T19:27:59.000-07:00
diff --git a/README.md b/README.md
@@ -48,18 +48,113 @@ move zeropath.exe "C:\Windows\System32\"
 ## Usage
 
 ### Authentication
+First, authenticate with your ZeroPath API credentials:
 ```bash
 zeropath auth <clientId> <clientSecret>
 ```
 
 ### Scanning
+
+#### Local Directory Scan (with SARIF output)
+Scan a local directory and generate a SARIF report:
+```bash
+zeropath scan <directory> <outputFile.sarif>
+```
+
+#### Repository Scan (using existing repository)
+Scan an already-configured repository by ID:
+```bash
+zeropath scan --repository-id <repositoryId>
+
+# Scan a specific branch
+zeropath scan --repository-id <repositoryId> --branch <branchName>
+```
+
+#### Repository Scan (by URL)
+Scan a repository by its URL:
+```bash
+# GitHub repository
+zeropath scan --repository-url https://github.com/owner/repo --vcs github
+
+# GitLab repository
+zeropath scan --repository-url https://gitlab.com/owner/repo --vcs gitlab
+
+# Bitbucket repository
+zeropath scan --repository-url https://bitbucket.org/owner/repo --vcs bitbucket
+
+# Generic Git repository
+zeropath scan --repository-url https://git.example.com/repo --vcs generic
+```
+
+#### CI/CD Integration
+For continuous integration pipelines, use the `--ci` flag to run PR/merge request scans:
+```bash
+# Basic CI scan
+zeropath scan --repository-id <repositoryId> --ci
+
+# CI scan with explicit PR branches
+zeropath scan --repository-id <repositoryId> --ci \
+  --pr-branch feature/new-feature \
+  --pr-target main
+
+# CI scan by repository URL
+zeropath scan --repository-url https://github.com/owner/repo --vcs github --ci \
+  --pr-branch feature/new-feature \
+  --pr-target main
+```
+
+**CI Mode Exit Codes:**
+- **0**: No vulnerabilities found
+- **1**: Vulnerabilities detected (fails CI pipeline)
+
+### Command Options
+
+#### `zeropath scan` Options
+
+| Option | Description |
+|--------|-------------|
+| `--repository-id <id>` | Scan an existing repository by ID |
+| `--repository-url <url>` | Scan a repository by URL (requires `--vcs`) |
+| `--vcs <provider>` | VCS provider: `github`, `gitlab`, `bitbucket`, or `generic` |
+| `--branch <name>` | Branch to scan (for regular scans) |
+| `--ci` | Run a CI/PR scan instead of a full scan |
+| `--pr-branch <name>` | Source/feature branch for CI scans |
+| `--pr-target <name>` | Target/base branch for CI scans |
+
+### Examples
+
 ```bash
-zeropath scan <directory> <outputFile>
+# Scan local code and generate SARIF report
+zeropath scan ./my-project report.sarif
+
+# Scan main branch of a repository
+zeropath scan --repository-id abc-123-def --branch main
+
+# CI pipeline scanning a pull request
+zeropath scan --repository-id abc-123-def --ci \
+  --pr-branch feature/security-fix \
+  --pr-target main
+
+# Scan a GitHub repository directly
+zeropath scan --repository-url https://github.com/myorg/myapp --vcs github
+
+# Scan a specific branch of a GitLab repository
+zeropath scan --repository-url https://gitlab.com/myorg/myapp --vcs gitlab --branch develop
 ```
 
+### Features
+
+- **Real-time scanning**: All scans wait for completion and show progress
+- **CI/CD ready**: Exit codes for pipeline integration (1 for vulnerabilities, 0 for clean)
+- **Multiple VCS support**: GitHub, GitLab, Bitbucket, and generic Git repositories
+- **Branch-aware**: Scan specific branches or PR/merge requests
+- **SARIF output**: Industry-standard format for local scans
+- **Vulnerability reporting**: Detailed breakdown by severity in CI mode
+
 ### Help
 ```bash
 zeropath --help
+zeropath scan --help
 ```
 
 ## Support
@@ -68,4 +163,4 @@ zeropath --help
 - [Issue Tracker](https://github.com/ZeroPathAI/zeropath-cli/issues)
 
 ## License
-Copyright © 2024 ZeroPath Corp. All rights reserved.
+Copyright © 2025 ZeroPath Corp. All rights reserved.
