Workspace AI assistant
that runs platform actions for you

The assistant reads the company name, contact details, and engagement count for each client (or business unit if the workspace is in internal mode), so it can answer scoping questions without you re-typing the catalogue.

Engagement title, type, status, scope, dates, and per-engagement findings counts including severity and status breakdowns are all part of the conversation context, so the assistant can summarise programme state at a glance.

Title, severity, status, category, affected asset, assigned owner, and a description excerpt for the most recent findings give the assistant enough context to triage, summarise, and propose next actions without hallucinating.

The assistant reads the engagement type configuration (item label, default status, finding categories) so it adapts language for pentest engagements, compliance audits, and incident response cases without needing to be told.

When the assistant proposes an assignment, it picks from a verified list of workspace team members rather than guessing an email. Assignments resolve to a real owner the platform can route notifications to.

Tool calls do not run automatically. The assistant streams proposed actions back to the chat as a structured action list. You read each one, see what it would do, and apply it explicitly. The same RBAC checks that gate manual finding creation, finding updates, client creation, engagement creation, and engagement status changes apply to assistant-proposed actions.

When the assistant proposes a chain like create client, then create engagement under that client, then create five findings on that engagement, the UI blocks downstream actions until the parent action is applied. You never end up with orphaned findings pointing at non-existent engagements.

Because the assistant uses the same finding, client, engagement, and engagement-status APIs that the dashboard uses, every applied action lands on the activity log with the actor user, the entity, and the inputs. The audit trail does not skip rows because the change came from chat.

You can attach JPEG, PNG, GIF, WebP images and PDF documents directly to the conversation. Images are downscaled and base64-encoded before sending. PDFs are passed through with a per-document page limit. The assistant reads the artefact alongside the workspace context.

The route counts tokens against a 100K-token input budget and progressively drops the oldest messages until the conversation fits. The current message is never silently truncated; if a single attachment is too large, the platform rejects the message with a clear size error rather than producing a partial response.

Lifetime trial credits

Try the assistant on a small engagement before committing to a plan. Credits are lifetime, not monthly.

25 credits per month

Suited to a single security engineer or AppSec analyst running the assistant across active engagements. Each chat message that completes successfully consumes one credit.

75 credits per month

Shared workspace pool for security teams running multiple concurrent engagements. Pool resets monthly and extra credits can be purchased and consumed when the monthly pool is exhausted.

The assistant is only available to workspace users (consultants in technical role naming). Each user must hold the ai_chat permission on their team role. Viewers are blocked. Members, admins, and owners with the permission can run the assistant.

The assistant requires the AI feature flag on the workspace plan. Starter is gated by the lifetime trial credit count. Pro and Team have monthly limits. The route enforces both before opening a stream so a budget-exhausted workspace cannot accidentally accumulate provider charges.

Each user is rate-limited to 40 chat messages per 15-minute window. The limit prevents accidental loops and runaway scripted clients without throttling normal interactive use. Exceeding the window returns a 429 with a Retry-After header.

Only JPEG, PNG, GIF, and WebP images and PDF documents are accepted as attachments. Other formats are rejected with a clear unsupported-format response so unexpected payloads cannot reach the model.

Monthly usage is reset and read in a single atomic call so two concurrent messages cannot both squeak past the limit. Credits are deducted only after the stream completes successfully, so a failed run does not consume the user pool.

The assistant reads only clients, engagements, and findings scoped to the user workspace. The system prompt never mixes data across workspaces. Multi-tenant isolation is enforced at the data-fetch layer, not at the prompt layer.

Triage scanner output by asking the assistant to log the next ten Critical findings against the right engagement with calibrated severity, owners, and remediation guidance. The assistant reads engagement context and proposes structured findings that match the team's existing taxonomy.

Run weekly remediation sweeps by asking the assistant to summarise unresolved Critical and High findings older than the SLA window, propose ownership changes, and bulk-update statuses after the team confirms the remediation evidence.

Scaffold compliance audit engagements (SOC 2, ISO 27001, Cyber Essentials, PCI DSS) for new clients in one prompt: client created, engagement typed correctly, scope captured, dates set. The assistant uses the typed engagement values the platform expects so reporting downstream still works.

Ask for a cross-engagement summary of programme health, including severity distributions, oldest open findings, and engagements that have been in_progress beyond the planned end date. The assistant reads the workspace as a whole, not one engagement at a time.

Speed up engagement intake from kickoff calls. Describe the new client and the agreed scope in one paragraph and let the assistant propose the client, the engagement, and the initial finding scaffolding. Apply only the parts the team approves.

Workspace chat handles operational work; the assistant proposes findings and engagement updates that AI reports then summarises into PDFs and executive summaries. The two surfaces share workspace context.

Every create_finding and update_finding tool call lands on the same findings management record the dashboard reads. CVSS 3.1 vector, severity, status, and 300+ templates all apply.

The assistant scaffolds new engagements with the typed engagement values the platform expects, so downstream reporting, AI report generation, and client portal rendering all work without manual cleanup.

The ai_chat permission lives on the same RBAC system as every other platform permission. See team management for the role hierarchy that gates assistant access.

Every applied tool call writes to the activity log with the actor and the inputs. The CSV export surfaces assistant-driven actions in any audit window.

Migrations from spreadsheets and other tools are usually faster through bulk finding import. The assistant complements that path for ad-hoc creation, scaffolding, and triage rather than batch ingestion.