Settings
Configured via environment. Rook is local-first by default.
Model modeCloud (Anthropic)
ROOK_MODE=cloud
Exploit sandboxLocal subprocess (guarded)
ROOK_SANDBOX=local — set =docker for container isolation
OSV supply-chain scanEnabled
ROOK_OSV=true allows api.osv.dev for dependency vuln lookups
GitHub AppNot configured
Install on a repo for scan-on-push + auto-issues
Send to OtisWired
OTIS_URL — hands findings to the 42n-bot implementer
Slack alertsOff
SLACK_WEBHOOK_URL for finding notifications