Using the Chat¶
The Interface¶
The Strategy Chat page is split into two areas:
| Area | Description |
|---|---|
| Session sidebar (left) | Lists all your sessions. Pinned sessions appear at the top. Click a session to open it. |
| Chat panel (right) | The active conversation — messages, the input box, and recommendation cards. |
Session List¶
Each entry in the sidebar shows:
- Session title (editable — hover to reveal the rename icon)
- Message count and active skill name
- Pin / rename / delete actions (visible on hover or when the session is active)
Pinning Sessions¶
Click the pin icon on a session to keep it at the top of the list. Pinned sessions are never automatically cleaned up. Unpin when the assessment is complete.
Sending Messages¶
Type your message in the input box at the bottom of the chat panel and press Enter or click Send.
A few guidelines for effective conversations:
- Describe the target clearly. Include the framework, language, database, and hosting environment.
- Mention authentication details. JWT, session cookies, OAuth, SAML, API keys — each changes the module selection.
- List known concerns. If you already suspect a particular vulnerability class, say so. The AI will prioritise it.
- Answer follow-up questions. The AI may ask several rounds of questions before it feels confident enough to produce a recommendation.
Acting on Recommendations¶
When the AI has gathered sufficient information it outputs a recommendation card beneath the assistant message. The card contains:
Suggested Modules¶
A set of module tags corresponding to available scan modules. Each tag is a toggle:
- Filled (indigo) — the module is selected for the scan
- Outlined — the module is deselected
Click any tag to add or remove it from the selection before creating the scan.
Reasoning¶
A plain-language explanation of why the AI chose those modules for your target.
Priority Focus Areas¶
A list of high-risk areas the AI identified based on your answers (e.g. "JWT algorithm confusion", "tenant isolation via org_id").
Creating a Scan¶
Once you are happy with the module selection, click Create Scan. The platform will:
- Open the Create Scan form with the recommended modules pre-selected.
- Pre-fill the target URL if you mentioned it in the conversation.
Refine before creating
You can continue the conversation after a recommendation. Ask the AI to reconsider a module, add a new concern, or explain its reasoning in more detail. It will update the recommendation accordingly.
Managing Sessions¶
Renaming a Session¶
- Hover over the session in the sidebar.
- Click the pencil icon.
- Type a new name and press Enter.
Deleting a Session¶
- Hover over the session in the sidebar.
- Click the trash icon.
- Confirm deletion.
Deletion is permanent
Deleted sessions and their messages cannot be recovered.
Session Retention¶
Sessions older than 30 days are eligible for automatic clean-up unless they are pinned. Pin any session you want to keep long-term.
Limitations¶
| Limitation | Detail |
|---|---|
| Model availability | Only models your platform administrator has enabled are available on your plan. |
| No file uploads | The AI cannot read files. Describe the application or paste relevant excerpts as text. |
| No live access | The AI does not visit your target URL. All analysis is based on what you describe. |
| Token limits | Very long sessions may hit the model's context window. Start a new session for a new target. |