API Reference
Scan Details
Retrieve detailed scan status and security analysis results.
Get Scan Details
GET /api/scans/:scanId
Retrieves the complete scan status, threat analysis, and detailed results for a specific scan.
Example
curl -sS \
-H 'X-API-Key: <YOUR_PAT>' \
'https://api.sieve.godel-labs.ai/api/scans/2b2f7b8b-7f2c-4b2d-9a5f-5c0c4c3c9d4e'Response (200)
{
"scanId": "2b2f7b8b-7f2c-4b2d-9a5f-5c0c4c3c9d4e",
"fileName": "suspicious.pdf",
"fileHash": "<sha256>",
"fileSize": 123456,
"mimeType": "application/pdf",
"status": "completed",
"results": { },
"threatScore": 0.12,
"isThreat": false,
"severity": "low",
"riskCategory": "safe",
"analysisMode": "quick",
"processingTimeMs": 1532,
"confidence": 0.95,
"securityIssuesCount": 0,
"sensitiveDataCount": 1,
"detectionClass": ["document"],
"owaspLlmRisks": [],
"owaspAgenticThreats": [],
"compliance": null,
"error": null,
"createdAt": "2026-02-14 12:34:56",
"updatedAt": "2026-02-14 12:35:10"
}Response fields
| Field | Type | Description |
|---|---|---|
scanId | string | Unique scan identifier (UUID) |
fileName | string | Original file name |
fileHash | string | SHA-256 hex digest of the original file |
fileSize | number | File size in bytes |
mimeType | string | Detected MIME type |
status | string | Current scan status (see status values below) |
results | object | null | Raw analysis results object from the scanner |
threatScore | number | null | Threat probability score (0–1) |
isThreat | boolean | null | true if the file was classified as a threat |
severity | string | null | low, medium, high, or critical |
riskCategory | string | null | safe, suspicious, or malicious |
analysisMode | string | null | Analysis mode used: quick or deep |
processingTimeMs | number | null | Time taken to complete the scan in milliseconds |
confidence | number | null | Model confidence in the classification (0–1) |
securityIssuesCount | number | null | Number of distinct security issues found |
sensitiveDataCount | number | null | Number of sensitive data items detected |
detectionClass | string[] | List of detected content/threat classes |
owaspLlmRisks | string[] | OWASP Top 10 for LLM risk identifiers triggered |
owaspAgenticThreats | string[] | OWASP agentic threat identifiers triggered |
compliance | object | null | Compliance mapping results |
error | string | null | Error message when status is failed or error |
createdAt | string | ISO-8601 timestamp when the scan was created |
updatedAt | string | ISO-8601 timestamp of the last status update |
Status values
| Status | Description |
|---|---|
queued | Accepted and waiting to enter the processing queue |
pending | In the processing queue, not yet started |
extracting | Archive is being extracted (archive uploads only) |
processing | Actively being scanned |
completed | Scan finished; results available |
failed | Scan failed; see error field |
error | Unexpected error during processing; see error field |
unsupported | File type is not supported for analysis |