Review scan results

Understand your AI agent’s security vulnerabilities and take action to fix them.

Understanding your security grade

Your scan results include a security grade from A to D:

  • A: No issues detected - your agent passed all security tests

  • B: Only minor issues detected - low-risk vulnerabilities that should be reviewed

  • C: A major issue was detected - moderate-risk vulnerability requiring attention

  • D: A critical issue was detected - high-risk vulnerability needing immediate action

"Scan results overview with security grade"

Explore attack details

Scroll to any vulnerability category to see the specific attacks that were tested:

"List of probes and attack attempts"

Analyze individual vulnerabilities

Click Review next to any probe to see detailed attack results:

"Detailed view of a successful attack attempt"

This shows you:

  • The exact prompts used in the attack

  • Your agent’s responses

  • Whether the attack succeeded

  • Why it’s considered a vulnerability

Take action on findings

For each detected issue, you have three main actions:

  • Mark as false positive: If the identified issue is not a real risk for your use case (for example, it is expected behavior or not relevant to your deployment), you can mark it as a false positive. This will immediately update your agent’s security grade and help you track which findings require action.

  • Convert to test case: You can save the detected attack as a reproducible test case by clicking Send to dataset. This allows you to track fixes over time, build regression tests to make sure the issue doesn’t reappear, and share concrete examples with your team for further analysis and improvement.

  • Create a task: You can create a task to track and assign work items for reviewing vulnerabilities. This is useful for organizing the review of issues found during scans and coordinating work among team members. To create a task, click on Add task button on the top right side of the screen when reviewing a specific probe. You can set the task priority, status, assignees, and provide a description of what needs to be done.

Tip

To learn more about reviewing test cases, see Review test results.

Next steps

Now that you have reviewed the scan results, you can take action on the detected vulnerabilities.