Distributed binaries
Last updated: Jun 3, 2026
Fluid Attacks provides native binaries for security scanning that run directly on your machine or CI runner without Docker and without asking for your account or API key. Each binary is a single self-contained executable that you install once and run anywhere.
| Binary | Scanner | Description |
|---|---|---|
| ss | Secret Scanning | Detects hardcoded credentials, API keys, and tokens |
| cs | Container Scanning | Analyzes SCA vulnerabilities for Docker images |
How it works
All binaries share the same installation model:
a one-line installer downloads the pre-compiled binary for your platform
and places it in a directory on your PATH.
Each binary supports two execution modes:
- Quick scan — pass a path directly on the command line for an immediate scan with no configuration.
- Config-driven scan — pass a YAML configuration file for full control over paths, output format, and scan behavior.
Supported platforms
| OS | Architecture |
|---|---|
| Linux | x86_64, aarch64 |
| macOS | Apple Silicon (arm64) |
Intel Mac (x86_64) is not supported. Windows is not supported natively. Windows users should install via WSL (Windows Subsystem for Linux) and follow the Linux instructions.
Installation
Run the one-line installer for the binary you want.
By default,
it installs to /usr/local/bin.
If that directory is not writable (common on macOS),
install to a user-owned directory instead:
mkdir -p ~/.local/bin
curl -fsSL <installer-url> | INSTALL_DIR=~/.local/bin shThen make sure ~/.local/bin is on your PATH:
echo 'export PATH="$HOME/.local/bin:$PATH"' >> ~/.zshrc
source ~/.zshrcSee each binary's page for its specific installer URL and platform notes.