
# Functionalities of AI Guardian

## Key Capabilities

### **Hub Management**

AI Guardian organizes repositories into **Hubs** — centralized workspaces that group related GitHub projects together. This is particularly useful for organizations managing multiple GitHub organizations or large numbers of repositories, enabling team-level or org-level visibility and governance from a single dashboard.

### **GitHub Integration**

AI Guardian connects to GitHub via a **GitHub App** — a secure, permission-scoped integration that does not require personal access tokens to be shared or stored. Developers authorize the app, select the repositories to expose, and the integration is immediately active. Repository access can be expanded or restricted at any time.

### **SAST & SCA Scanning**

Every connected project is automatically scanned for:

| Scan Type | What It Catches                                                                                                    |
| --------- | ------------------------------------------------------------------------------------------------------------------ |
| **SAST**  | Source code vulnerabilities — insecure coding patterns, injection risks, insecure API usage, hardcoded credentials |
| **SCA**   | Dependency vulnerabilities — known CVEs in open-source libraries, outdated packages, license compliance risks      |

Findings are categorized by severity — **Critical, High, Medium, Low** — and each finding includes detailed context and AI-generated remediation guidance.

### **Single File Scan**

In addition to full repository scans, AI Guardian supports **single file scanning** — allowing developers to upload or select a specific source file for targeted SAST and SCA analysis. This is useful for quick validation before committing, reviewing changes in isolation, or scanning standalone files that fall outside normal project scope.

### **AI-Powered Remediation**

AI Guardian goes beyond reporting — it **fixes vulnerabilities automatically** using an AI-driven remediation workflow:

* Developer selects a finding and clicks **Remediate**
* An interactive chat explains the vulnerability and proposes a fix
* Developer reviews the code diff and refines the fix via chat if needed
* On approval, AI Guardian **creates a pull request** in GitHub with the fix applied
* Developer reviews and merges — the vulnerability is resolved

### **Chat History & Session Resumption**

Remediation sessions are persisted as **chat history** — allowing developers to resume an in-progress remediation even after logging out or a session expiry. Chat history is available for **2 days** from the start of a remediation session. Expired sessions are view-only and cannot be modified.

### **Auto Scan**

AI Guardian can automatically scan connected repositories at configurable intervals — ranging from every 5 minutes to every few days — ensuring **continuous security monitoring** without requiring developers to manually trigger scans. Auto scan detects new vulnerabilities as code evolves, immediately surfacing new risks.

### **PR Scan & Remediation**

AI Guardian integrates directly with the **GitHub pull request workflow** — automatically scanning every PR for security issues before it is merged into the main branch.

Key characteristics of PR Scan:

* Triggers automatically when a PR is **opened, updated with new commits, or reopened**
* Reports **only new vulnerabilities introduced by the PR** — reducing noise by excluding pre-existing issues
* Posts scan results as a **PR comment** — visible directly in the GitHub PR view
* Provides a **remediation URL** in the PR comment — developers click through to AI Guardian, select findings, and receive an AI-generated fix PR
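
The "only new vulnerabilities" behaviour can be approximated by comparing base-branch and PR-head findings by fingerprint. The following is an added example, not OpsMx code: the finding fields, rule names and sample data are hypothetical, and the three action names are GitHub's `pull_request` webhook actions for opened, new commits and reopened.

```python
import hashlib
from collections import Counter

# GitHub pull_request webhook actions for: opened, new commits pushed, reopened.
SCAN_ACTIONS = {"opened", "synchronize", "reopened"}
SEVERITY_ORDER = {"Critical": 0, "High": 1, "Medium": 2, "Low": 3}

def should_scan(event: dict) -> bool:
    """True when a pull_request webhook payload should trigger a PR scan."""
    return event.get("action") in SCAN_ACTIONS

def fingerprint(finding: dict) -> str:
    """Identity that survives line shifts: rule, path, normalized snippet."""
    snippet = " ".join(finding["snippet"].split())
    raw = "\x00".join((finding["rule"], finding["path"], snippet))
    return hashlib.sha256(raw.encode()).hexdigest()

def new_findings(base: list, head: list) -> list:
    """Findings on the PR head with no counterpart on the base branch."""
    remaining = Counter(fingerprint(f) for f in base)
    introduced = []
    for f in head:
        fp = fingerprint(f)
        if remaining[fp] > 0:
            remaining[fp] -= 1  # pre-existing finding, possibly moved
        else:
            introduced.append(f)
    return sorted(introduced, key=lambda f: SEVERITY_ORDER[f["severity"]])

# Constructed sample data; rule names and finding fields are hypothetical.
BASE = [
    {"rule": "sql-injection", "path": "app/db.py", "line": 10,
     "snippet": "cur.execute(q % name)", "severity": "High"},
]
HEAD = [
    {"rule": "sql-injection", "path": "app/db.py", "line": 14,
     "snippet": "cur.execute(q  %  name)", "severity": "High"},   # moved only
    {"rule": "sql-injection", "path": "app/db.py", "line": 30,
     "snippet": "cur.execute(q % name)", "severity": "High"},     # second copy
    {"rule": "hardcoded-credential", "path": "app/config.py", "line": 3,
     "snippet": 'API_KEY = "example-placeholder"', "severity": "Critical"},
]

if __name__ == "__main__":
    for f in new_findings(BASE, HEAD):
        print(f["severity"], f["rule"], f'{f["path"]}:{f["line"]}')
```

Leaving the line number out of the fingerprint keeps a finding that merely moved from being reported as new, while counting occurrences still flags a second copy of an existing pattern.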

### **Why PR Scan matters:**

It catches vulnerabilities at the earliest possible moment in the merge process — before insecure code enters the main branch — with zero manual steps and no workflow configuration required from the developer.

