Documentation

Authentication

All requests use API keys. Include your key in the Authorization header:

Authorization: Bearer YOUR_API_KEY

Terraform Plan Risk Inspector

Endpoint

POST https://api.lintelapi.com/v1/inspect/terraform-plan

Example

terraform show -json plan.out > plan.json

curl -X POST https://api.lintelapi.com/v1/inspect/terraform-plan \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  --data-binary @plan.json

Dockerfile Security Linter

Endpoint

POST https://api.lintelapi.com/v1/inspect/dockerfile

Example

curl -X POST https://api.lintelapi.com/v1/inspect/dockerfile \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"dockerfile":"FROM alpine:3.20\nRUN apk add --no-cache curl\n"}'

You may also send an existing Dockerfile by converting it to JSON:

jq -Rs '{dockerfile: .}' Dockerfile > dockerfile_payload.json

curl -X POST https://api.lintelapi.com/v1/inspect/dockerfile \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  --data-binary @dockerfile_payload.json

Response Format

All inspections return structured, deterministic JSON warnings. No enforcement. No side effects.