Installation

Installation

SPECTRA runs anywhere Python 3.9+ is available. Three install paths are supported.

System Requirements

Option 1 — pip (Recommended)

git clone https://github.com/d0uble3L/spectra
cd spectra
pip install -e .

The -e flag installs in editable mode, making it easy to pull updates with git pull without reinstalling.

Verify the install:

spectra --version

Option 2 — Docker

No local Python environment required. Mount your scan files and receive reports in the reports/ directory.

# Pull and run a one-off analysis
docker compose run --rm analyze scans/trivy.json --format both --output /app/reports/out

Build the image locally from source:

git clone https://github.com/d0uble3L/spectra
cd spectra
docker build -t spectra .
docker run --rm \
  -v $(pwd)/scans:/app/scans \
  -v $(pwd)/reports:/app/reports \
  --env-file .env \
  spectra analyze scans/trivy.json --format both --output /app/reports/out

Option 3 — Source (development)

git clone https://github.com/d0uble3L/spectra
cd spectra
python -m venv .venv
source .venv/bin/activate    # Windows: .venv\Scripts\activate
pip install -e ".[dev]"

The [dev] extras install test dependencies (pytest, ruff, mypy).

Environment Setup

SPECTRA reads credentials from a .env file in the project root.

cp .env.example .env

Open .env and add your Anthropic API key:

ANTHROPIC_API_KEY=sk-ant-...

Keep this file out of version control — it is already listed in .gitignore.

For CI/CD environments, inject ANTHROPIC_API_KEY as a repository secret rather than committing a .env file. See CI/CD Integration for details.

Verifying the Installation

Run SPECTRA against the bundled sample file to confirm everything works:

spectra analyze tests/samples/trivy_sample.json

A successful run prints a ranked finding summary to stdout and writes reports to the current directory.

Next: Quick Start →