API Reference

The ScanRook API lets you scan container images, check packages for vulnerabilities, look up CVEs, and schedule recurring scans. Public endpoints require no authentication. Authenticated endpoints use an API key.

Base URL: https://scanrook.io

OpenAPI spec: /api/v1/openapi

Authentication

Authenticated endpoints require a Bearer token. Generate an API key from your dashboard.

1. Go to Dashboard → Settings → API Keys

2. Create a new API key

3. Include it in requests as a Bearer token:

Authorization header
Authorization: Bearer dgk_your_api_key_here

Scan Endpoints

POST /api/v1/scan (Auth Required)

Start a vulnerability scan on a Docker/OCI image. Set wait=true to block until results are ready, or receive a job ID immediately.

Quick scan (async)
curl -X POST https://scanrook.io/api/v1/scan \
  -H "Authorization: Bearer dgk_your_key" \
  -H "Content-Type: application/json" \
  -d '{"image": "nginx:1.27"}'

Scan and wait for results
curl -X POST https://scanrook.io/api/v1/scan \
  -H "Authorization: Bearer dgk_your_key" \
  -H "Content-Type: application/json" \
  -d '{"image": "nginx:1.27", "wait": true, "mode": "deep"}'

Parameters:

  • image (required) — Docker image reference, e.g. nginx:1.27
  • mode — light (default) or deep
  • wait — true to block until the scan completes (max 5 min); otherwise a job ID is returned immediately

Package Check

POST /api/v1/check (Public)

Check a specific package version for known vulnerabilities via OSV. No authentication required.

Check a package
curl -X POST https://scanrook.io/api/v1/check \
  -H "Content-Type: application/json" \
  -d '{"ecosystem": "npm", "name": "lodash", "version": "4.17.20"}'

Parameters:

  • ecosystem (required) — e.g. npm, PyPI, Go, crates.io, Maven, NuGet
  • name (required) — package name
  • version — specific version to check (optional)
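A small batch client for the check endpoint, added here as an example and not ScanRook's own code: it builds the public POST /api/v1/check request (no Authorization header), paces calls to the documented 60 requests/minute public limit so a whole dependency list can be checked without tripping it, and returns a CI pass/fail verdict. The "vulns" / "id" fields in the response are an assumption; confirm the real shape against the OpenAPI spec at /api/v1/openapi.

```python
"""Batch package check against ScanRook's public /api/v1/check endpoint."""
import json
import time
import urllib.request
from typing import Callable, Dict, List, Optional, Sequence, Tuple

BASE_URL = "https://scanrook.io"
PUBLIC_RATE_PER_MIN = 60  # documented public limit: 60 requests/minute per IP


def build_check_request(ecosystem: str, name: str,
                        version: Optional[str] = None) -> urllib.request.Request:
    """Build the POST /api/v1/check request. Public endpoint: no API key is sent."""
    body = {"ecosystem": ecosystem, "name": name}
    if version is not None:
        body["version"] = version
    return urllib.request.Request(
        f"{BASE_URL}/api/v1/check",
        data=json.dumps(body).encode(),
        headers={"Content-Type": "application/json"},
        method="POST",
    )


def http_send(req: urllib.request.Request) -> dict:
    """Default transport: perform the request and decode the JSON body."""
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def check_packages(packages: Sequence[Tuple[str, str, Optional[str]]],
                   send: Callable[[urllib.request.Request], dict] = http_send,
                   sleep: Callable[[float], None] = time.sleep) -> Dict[str, List[str]]:
    """Check each (ecosystem, name, version) and map it to the vulnerability IDs found.
    Calls are spaced to stay under the public per-IP rate limit."""
    interval = 60.0 / PUBLIC_RATE_PER_MIN
    findings: Dict[str, List[str]] = {}
    for i, (eco, name, ver) in enumerate(packages):
        if i:
            sleep(interval)
        result = send(build_check_request(eco, name, ver))
        vulns = result.get("vulns", [])  # assumed response field, see /api/v1/openapi
        findings[f"{eco}:{name}@{ver}"] = [v.get("id") for v in vulns]
    return findings


def ci_gate(findings: Dict[str, List[str]]) -> bool:
    """True when no checked package has a known vulnerability (safe to merge)."""
    return not any(findings.values())


if __name__ == "__main__":
    deps = [("npm", "lodash", "4.17.20"), ("PyPI", "requests", "2.31.0")]
    found = check_packages(deps)
    print(json.dumps(found, indent=2), "PASS" if ci_gate(found) else "FAIL")
```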

CVE Lookup

GET /api/v1/cve/{id} (Public)

Look up a specific CVE with severity, affected packages, and references. No authentication required.

Look up a CVE
curl https://scanrook.io/api/v1/cve/CVE-2024-0727

Scan Schedules

POST /api/v1/schedule (Auth Required)

Create a recurring scan schedule for a container image. Optionally receive results via webhook.

Create a daily scan schedule
curl -X POST https://scanrook.io/api/v1/schedule \
  -H "Authorization: Bearer dgk_your_key" \
  -H "Content-Type: application/json" \
  -d '{"image": "nginx:1.27", "cron": "0 0 * * *", "webhook_url": "https://example.com/hook"}'

GET /api/v1/schedule (Auth Required)

List all scan schedules for your organization.

List schedules
curl https://scanrook.io/api/v1/schedule \
  -H "Authorization: Bearer dgk_your_key"

Public Data Feeds

Public, cacheable feeds for vulnerability intelligence. No authentication required.

GET /api/feed/latest-cves (Public)

Recently discovered CVEs enriched with severity data.

Get latest CVEs
curl https://scanrook.io/api/feed/latest-cves?limit=10

Query params: limit (max 100), severity (critical, high, medium, low)

GET /api/feed/epss-top (Public)

CVEs ranked by EPSS exploitation probability.

Get top EPSS scores
curl https://scanrook.io/api/feed/epss-top?limit=10

Rate Limits

Public endpoints are cached and rate-limited to prevent abuse. Authenticated endpoints are subject to your plan's monthly scan quota.

  • Public endpoints: 60 requests/minute per IP
  • Authenticated endpoints: subject to plan scan limits (Free: 25/month, Basic: 100/month, Pro: 500/month, Enterprise: unlimited)
  • Wait mode scans: hold an HTTP connection for up to 5 minutes