macOS
brew install legitifylocal Homebrew formula metadata
brew
Tool to detect/remediate misconfig and security risks of GitHub/GitLab assets. Version 1.0.11 via Homebrew; verified 2026-05-19.
install
brew install legitifylocal Homebrew formula metadata
nix profile install nixpkgs#legitifynixpkgs package indexes · pkgs/by-name/le/legitify/package.nix · source: api.github.com
overview
Tool to detect/remediate misconfig and security risks of GitHub/GitLab assets
history
Legitify is Legit Security's open-source CLI for finding and helping remediate security, compliance, and misconfiguration risks across GitHub and GitLab assets.
Legit Security announced Legitify on 2022-10-05 as an open-source GitHub configuration scanner for security, DevOps, and developer teams. The repository and project site later described the scope as source-code-management posture across GitHub and GitLab assets, with built-in policies and remediation-oriented output.
The project was packaged as a standalone CLI, GitHub Action, Homebrew formula, Nix package, and GitHub CLI extension. That mix made it fit both one-off audits from a workstation and scheduled checks in CI for organizations managing many repositories, members, teams, runners, branch protections, and tokens.
Typical usage is to authenticate to GitHub or GitLab, run `legitify analyze`, and review policy findings against repositories, organizations, runners, webhooks, actions, branch protection, and other SCM resources. Its Homebrew packaging matters because security teams can hand developers a familiar install path instead of a vendor-only SaaS workflow.
Legitify is a package-nerd example of application-security posture management ideas escaping into a plain CLI. It packages policy checks and remediation hints as a tool that can live in local shells, CI jobs, and GitHub Actions, adjacent to linters and secret scanners.
security posture
broad file, network, media, or database tool signal.
blue risk · medium confidence · tool
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
executables
| Command | Kind | Exposure | Note |
|---|---|---|---|
legitify | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://github.com/Legit-Labs/legitify
install metadata
| Package key | brew:legitify |
|---|---|
| Version | 1.0.11 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/legitify |
| Homepage | https://legitify.dev/ |
| Repository | https://github.com/Legit-Labs/legitify |
| Upstream docs | https://legitify.dev/ |
| License | Apache-2.0 |
| Source archive | https://github.com/Legit-Labs/legitify/archive/refs/tags/v1.0.11.tar.gz |
| Last updated | 2026-05-19T13:03:29-04:00 |
| Pulse | updated |
| Build dependencies | go@1.24 |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | legitify |
| Version Scheme | 0 |
| Revision | 0 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | yes |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source database matches
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
legitify
nix profile install nixpkgs#legitifysource trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.