Three commands cover 95% of usage. Then you hand the YAML to your AI assistant and ship.
brassai scanAnalyze your project. Writes .brass/*.yaml with the prioritized findings.
Useful flags:
--fast — skip privacy + content moderation passes--dev — source code only (skip tests, build artifacts)--code / --privacy / --content — narrow scope--offline — guarantee zero outbound network calls (default behavior; flag is for explicitness)brassai filterPipe an AI reviewer's JSON output through Brass's noise-reduction. Returns the high-confidence findings.
CRITICAL findings always pass the filter. Style-only Pylint codes (C0301 line-too-long, etc.) are dropped. Per-file caps prevent any single file from dominating output.
brassai watchRe-scan incrementally on file change. Useful while you're actively editing and want the YAML to stay current.
Watch mode runs while the command is in your terminal — Brass is on-demand by design, no background daemon, no auto-start. Ctrl+C to stop.
After a scan, .brass/ contains:
| File | Purpose |
|---|---|
ai_instructions.yaml | Top-level summary; this is what you hand to Claude Code / Cursor |
detailed_analysis.yaml | Every finding, grouped by type |
file_intelligence.yaml | Per-file priorities |
security_report.yaml | Security-only view |
statistics.yaml | Aggregate metrics |
privacy_analysis.yaml | Privacy-only view (only if PII findings exist) |
Directory perms are 0700; YAML files are 0600 (POSIX). Brass scans private source code, so the output is locked down.
Open .brass/ai_instructions.yaml. Copy its contents into your AI assistant session. Ask the assistant to address the findings in order — the YAML is short on purpose so it fits comfortably in any context window.
A typical Brass-aware Claude Code prompt: