Quick Start¶
Installation¶
Verify:
Platform-Specific Notes¶
- Windows: See Windows Installation Guide
- Linux: Requires
graphviz—sudo apt install graphviz -y - macOS:
brew install graphviz
Setup Autocomplete¶
Configures PowerShell on Windows, Bash/Zsh/Fish on Linux/macOS.
Basic Usage¶
Usage: thothctl [OPTIONS] COMMAND [ARGS]...
ThothForge CLI - The Open Source Internal Developer Platform CLI
Options:
--version Show the version and exit.
--debug Enable debug mode
-d, --code-directory PATH Configuration file path
--help Show this message and exit.
Commands:
ai-review AI-powered security analysis and code review for IaC
check Validate environment, IaC, cost analysis, and blast radius
document Generate documentation for IaC projects with AI support
generate Generate IaC from rules, use cases, and components
init Initialize and setup project configurations and environments
inventory Create inventory for IaC composition with version tracking
list List projects and spaces managed by thothctl locally
mcp Model Context Protocol (MCP) server for AI integration
project Convert, clean up and manage the current project
remove Remove projects and spaces managed by thothctl
scan Scan infrastructure code for security issues and compliance
upgrade Upgrade thothctl to the latest version
Create a Space¶
Spaces organize your projects with shared configuration (VCS provider, registry, orchestration tool):
✅ 🎉 Space 'my-space' initialized successfully!
💡 You can now create projects in this space with:
thothctl init project --project-name <name> --space my-space
Create a Project¶
From a void template¶
From an existing template (reuse)¶
Clone and customize a template from your GitHub/GitLab/Azure DevOps organization:
You'll be prompted to select a template and fill in project parameters (region, environment, backend config, etc.).
Scan for Security Issues¶
Runs Checkov (and optionally Trivy, KICS) against your IaC code and generates reports.
Check IaC Structure¶
# Validate project structure
thothctl check iac
# Cost analysis
thothctl check iac -type cost-analysis --recursive
# Drift detection
thothctl check iac -type drift --recursive
Create Inventory¶
Generates a professional report with module versions, provider tracking, and outdated dependency detection.
AI Security Review¶
# Analyze with local AI (no data leaves your machine)
thothctl ai-review analyze -d ./terraform -p ollama
# Multi-agent orchestrated review
thothctl ai-review orchestrate -d ./terraform -a security -a fix
Next Steps¶
- DevSecOps SDLC Guide — Full lifecycle workflow
- AI-DLC Use Case — AI-powered development with MCP
- AI Review — Multi-agent security analysis
- Check Command — Validation and compliance workflows
- Inventory Command — Dependency management