--local-only flag not supported for scan command (contradicts documentation)Β #125
Description
According to the Invariant Labs documentation, the --local-only flag can be used with the scan command to run local LLM-based checks without sending data to the Invariant cloud API.
You can run MCP-scan locally by using the --local-only flag. This will only run local checks and will not invoke the Invariant Guardrailing API, however, it will not provide as accurate results as it just runs a local LLM-based policy check. This option requires an OPENAI_API_KEY environment variable to be set.
However, in the current codebase, the --local-only flag is not available for scan command. When I try to run:
uvx mcp-scan scan mcp.json --local-only
I get:
error: unrecognized arguments: --local-only
Expected behavior:
The scan command should support the --local-only flag as described in the documentation, allowing users to run local LLM-based vulnerability checks.