Skip to main content
Use qai assist to interact with the built-in assistant from the terminal. The assistant supports interactive chat, single-shot queries, piped input, and run context injection. 
qai assist --help

qai assist (interactive)

Start an interactive REPL session. Conversation history is maintained for the duration of the session. 
qai assist
The assistant prints a header and waits for input. Type your question and press Enter. Type exit, quit, or q to end the session.

Example

$ qai assist
qai assistant — type your question, 'exit' to quit.

> what scanners does audit have?
qai audit includes 10 scanner modules, one for each OWASP MCP Top 10 category...

> which ones check for prompt injection?
The injection scanner (MCP-01) tests for tool description poisoning...

> exit
Conversation history is ephemeral — it exists only for the current session and is not saved to disk.

qai assist (single-shot)

Pass a question as an argument for a one-off query with no persistent history. 
qai assist "how do I test an MCP server?"
The response streams to stdout. Useful for quick lookups and scripting.

Examples

# Ask about a specific module
qai assist "what document formats does IPI support?"

# Get CLI syntax help
qai assist "show me the command to run an inject campaign with ollama"

# Ask about frameworks
qai assist "which OWASP MCP Top 10 categories does audit cover?"

Piped Input

Pipe external content into the assistant as additional context. The piped data is treated as untrusted scan-derived content. 
echo '{"findings": [{"title": "Tool description injection"}]}' | qai assist "explain these findings"

cat scan-results.json | qai assist "summarize the high-severity issues"
The piped content is wrapped in untrusted content boundaries before being sent to the model. See Trust Boundaries for details.

Run Context

Load findings from a specific database run and ask questions about them. 
qai assist --run <run-id> "summarize the findings"

Options

FlagTypeRequiredDescription
--runstringNoRun ID to load as context

Examples

# Summarize findings from run 42
qai assist --run 42 "what were the critical findings?"

# Ask for next steps based on scan results
qai assist --run 42 "what should I test next based on these results?"

# Map findings to frameworks
qai assist --run 42 "which OWASP MCP Top 10 categories do these findings map to?"
Run context is loaded from the qai database. The run must exist and contain findings. The loaded findings are treated as untrusted content — the same boundary markers apply as for piped input.

qai assist reindex

Force a rebuild of the knowledge base index. Re-scans product documentation and user knowledge files, regenerates embeddings, and updates the vector store. 
qai assist reindex
Use this after adding or modifying files in your user knowledge directory, or if the knowledge base seems stale. Under normal operation, the assistant detects file changes automatically via hash-based change detection on startup.

Configuration Check

Before any query, the assistant validates that a provider and model are configured. If either is missing, it prints setup guidance and exits: 
Assistant not configured. Set provider and model:
  qai config set assist.provider ollama
  qai config set assist.model llama3.1
See Configuration for full setup instructions.