Documentation Index
Fetch the complete documentation index at: https://docs.q-uestionable.ai/llms.txt
Use this file to discover all available pages before exploring further.
NDJSON (Newline Delimited JSON) exports one finding per line as a self-contained JSON object. Each line can be processed independently — useful for streaming pipelines, log aggregation systems, and tools that process records one at a time.
Generating NDJSON
CLI:
qai audit scan --transport stdio --command "npx @modelcontextprotocol/server-memory" \
--format ndjson --output results.ndjson
qai audit report --input results/scan.json --format ndjson --output results.ndjson
{"category":"command_injection","severity":"high","title":"Tool parameter allows shell injection","description":"...","framework_ids":{"owasp_mcp_top10":"MCP05","mitre_atlas":"AML.T0054"},"mitigation":null,"source_ref":"injection","created_at":"2026-03-22T10:30:15+00:00"}
Fields
| Field | Type | Description |
|---|
category | string | Finding category (e.g., command_injection, auth, token_exposure) |
severity | string | Severity name: critical, high, medium, low, info |
title | string | Short finding title |
description | string | Detailed description |
framework_ids | object | Framework mappings (e.g., {"owasp_mcp_top10": "MCP05"}) |
mitigation | object/null | Mitigation guidance data if available |
source_ref | string/null | Scanner or source reference |
created_at | string/null | ISO timestamp |
run_id, target_name) are merged into each record.
Processing
# Filter high-severity findings
cat results.ndjson | jq 'select(.severity == "high" or .severity == "critical")'
# Count by category
cat results.ndjson | jq -s 'group_by(.category) | map({category: .[0].category, count: length})'
# Extract titles only
cat results.ndjson | jq -r '.title'
import json
with open("results.ndjson") as f:
for line in f:
finding = json.loads(line)
if finding["severity"] in ("critical", "high"):
print(f"{finding['severity'].upper()}: {finding['title']}")