dotnet-inspect
CLI tool for inspecting .NET libraries and NuGet packages. It is for .NET what docker inspect and kubectl describe are for container land: view package metadata, API surfaces, dependencies, source provenance, and version-to-version changes.
Install or run
dotnet tool install -g dotnet-inspect
dotnet-inspect <command>
Run without installing:
dnx dotnet-inspect -y -- <command>
What it inspects
| Source | Examples | Notes |
|---|
| NuGet packages | package System.Text.Json, type --package Markout | Supports versions, custom sources, nuget.config, TFMs, package layout, dependencies, and vulnerabilities. |
| Platform libraries | library System.Private.CoreLib, library System.Text.Json --version 10.0.0, diff --platform [email protected] | Resolves installed SDK/runtime assemblies, including runtime-only implementation assemblies with no NuGet package. |
| Local assets | library ./bin/MyLib.dll, package ./pkg/MyLib.nupkg | Useful for auditing builds before publishing. |
Bare names are routed automatically: platform-looking names (System.*, Microsoft.AspNetCore.*) resolve to installed platform libraries; other names resolve as NuGet packages. In API commands, common CoreLib aliases and simple type names such as string, int, DateTime, and Guid resolve to System.Private.CoreLib. Use explicit commands and --package, --platform, or --library when you need a specific source.
Capability inventory
| Capability | Commands | Highlights |
|---|
| Package inventory | package | Metadata, versions, TFMs, file layout, dependency tree, metadata audit, vulnerability data, custom feeds, NuGet config support. |
| Library audit | library | Assembly identity, public key token, trim/AOT metadata, unsafe/interoperability signals, OpenTelemetry support, symbols/PDBs, SourceLink and determinism audit, references, resources, async method classification. |
| API discovery | type, member, find | Type search, member tables, docs, overload selection, generics, obsolete-member markers, direct calls and callers, source/decompiled/IL drill-in. |
| API compatibility | diff | Version ranges, package or platform diffs, breaking/additive/potentially-breaking classification, type filters. |
| Relationships | depends, extensions, implements | Type hierarchies, package dependencies, library reference graphs, extension methods/properties, implementors and subclasses. |
| Source mapping | source, member -S "Original Source" | SourceLink URLs, member line numbers, source fetching, URL verification, token+IL-offset to source-line resolution. |
| Agent-friendly output | global flags | Markdown by default, compact --table, normalized --tsv, --jsonl, --plaintext, --json, Mermaid diagrams, section/field projection, --count, table row limiting, built-in head/tail limiting. |
Command inventory
| Command | Purpose |
|---|
package X | Inspect NuGet metadata, versions, dependencies, TFMs, layout, and vulnerabilities. |
library X | Inspect assembly metadata, symbols, SourceLink, references, resources, and async methods. |
type X | Discover types or render a single type shape. |
member X | Inspect members, docs, overloads, decompiled/lowered C#, SourceLink-backed original source, and IL. |
find X | Search for types across packages, frameworks, projects, and local assets. |
diff X | Compare API surfaces between versions. |
extensions X | Find extension methods and C# extension properties for a type. |
implements X | Find concrete implementors or subclasses. |
depends X | Walk type, package, or library dependency graphs; emits Mermaid diagrams. |
source X | Resolve SourceLink URLs or map method token + IL offset to source. |
cache | Inspect or clear dotnet-inspect caches. |
skill | Print the embedded LLM skill definition. |
Single-type type X output is tree-shaped by default. Use -v:n or -v:d
to grow that tree to overload leaves; use --markdown -v:q when you want the
compact Markdown section view instead.
When an exact type is not found, type treats the query as a best-effort
namespace/type prefix browse within the resolved package, library, or platform
scope.
Signals
Signals is an evidence report, not a safety certification. Select it with -S Signals. For libraries, Signals reports metadata/provenance observations and acquires a missing PDB when selected to resolve SourceLink. For packages, Signals reports package metadata/assets, dependencies, signature provenance, and NuGet registry observations. The per-source-file reachability pass (SourceLink Availability, SourceLink Missing Files) is selected explicitly with -S because its cost scales with source-file count. The slow, exhaustive content check (SourceLink Integrity) is opt-in only.
JuliusBrussee
anthropics
wshobson
thedotmack
coreyhaines31
Lucklyric