HomeToolsDocsPricingGalleryExtensionContact Get the App
// core workflows

Findings & Evidence

The Findings tab

Open the Findings tab to see everything that has been confirmed during the task. Findings are sorted by severity: Critical, High, Medium, Low, and Info. Each finding also has a confidence score so you can see how certain the agent is about it.

Every finding has the evidence that backs it up attached directly to it. This includes the raw command output, the specific response or behavior that confirmed the issue, and a screenshot taken automatically by Playwright as visual proof.

How findings are created

When the AI Operator confirms a vulnerability, it creates a finding automatically. It verifies the issue before logging it, so findings in the list represent confirmed vulnerabilities, not just scanner noise.

The agent can also spawn a sub-agent specifically to capture proof for a finding, making sure the evidence is solid before it goes into the report.

Loot tab

Credentials, hashes, tokens, and other captured artifacts go into the Loot tab rather than Findings. If the agent recovers a password hash, an API key, or a session token, it ends up there. Loot items are stored securely and credentials are redacted when the report is exported.

Findings feed directly into the report. When you generate a report, the AI drafts remediation for each finding based on the evidence attached to it.
Next: Attack Graph Back to Docs