Lintel

Inspect-only security checks for CI/CD.

Send a Terraform plan or Dockerfile. Get deterministic findings with evidence. No agents, no enforcement, no side effects.

Get an API key Read the docs

Inspect-only: We never mutate infra or run code.
Deterministic: Same input → same output.
CI-friendly: One call, structured JSON, clear failure modes.

What's available now

Terraform Plan Risk Inspector

Inspect a Terraform JSON plan before apply. Get structured findings with evidence.

Dockerfile Security Linter

Analyze Dockerfiles for common security and best-practice issues.

Why advisory-only

Lintel is designed to provide early signal that teams can act on in their existing workflow. Use it as a fast preflight before heavier scanners—or just as a consistent warning system you can log and trend.

Example

curl -X POST https://api.lintelapi.com/v1/inspect/terraform-plan \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  --data-binary @plan.json

See the docs for full request/response format.