Detail flags security vulnerabilities as a distinct category within its bug-finding scans. Every finding that the AI identifies as a security risk is marked with isSecurityVulnerability: true, and you can run a vulnerability-only scan at any time to focus exclusively on security issues without wading through the full bug list.

What counts as a security vulnerability

Detail’s AI agents look for a broad range of security issues, including but not limited to:
  • Injection flaws — SQL injection, command injection, template injection, and similar input-handling bugs
  • Insecure data handling — sensitive data written to logs, stored unencrypted, or transmitted over unprotected channels
  • Authentication and authorization flaws — broken access controls, missing authentication checks, and privilege escalation paths
  • Cryptographic weaknesses — use of deprecated algorithms, hard-coded secrets, weak key sizes, and insecure random-number generation
  • Dependency and configuration issues — patterns that indicate insecure defaults or known-vulnerable usage
Each flagged issue carries the same full report as a standard bug — title, summary, file path, and introduced-by information — plus a clear vulnerability classification.

Vulnerability-only mode

When you only want to see security findings, use vulnerability-only mode. It filters out all bugs where isSecurityVulnerability is false or unset, giving you a focused view of your security posture.

Dashboard

Open the Bugs view and select the Security filter to show only security vulnerabilities.

CLI

Pass the --vulns flag to the bugs list command:
detail bugs list --vulns

API

Fetch bugs and filter on the isSecurityVulnerability field:
{ "isSecurityVulnerability": true }

Filtering security findings

Dashboard

  1. Navigate to the Bugs section of your repository.
  2. Click the Security filter chip.
  3. The list updates to show only findings where isSecurityVulnerability is true.

CLI

# Show only open security vulnerabilities
detail bugs list --vulns

# Combine with other filters — e.g. bugs introduced in the last 7 days
detail bugs list --vulns --since 7d

# Show a specific vulnerability's full report
detail bugs show bug_abc123

API

Fetch bugs from the API and filter on the isSecurityVulnerability field in the response. Each bug object includes:
{
  "id": "bug_abc123",
  "title": "SQL injection in user search endpoint",
  "isSecurityVulnerability": true,
  "filePath": "src/api/users.ts",
  "summary": "...",
  "introducedIn": {
    "sha": "a1b2c3d",
    "author": "[email protected]",
    "date": "2024-11-01"
  }
}
Filter your results to objects where isSecurityVulnerability === true.
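The client-side filter described above, written out as an added example (not Detail's own code). It assumes the bug list has already been fetched into an array; the helper names securityFindings and triage, the sample records and every id other than bug_abc123 are constructed for illustration.

```javascript
// Constructed sample standing in for an already-fetched API response.
// Only the field names come from the page; ids, titles and dates are made up.
const sampleBugs = [
  { id: "bug_abc123", title: "SQL injection in user search endpoint",
    isSecurityVulnerability: true, filePath: "src/api/users.ts",
    introducedIn: { sha: "a1b2c3d", date: "2024-11-01" } },
  { id: "bug_def456", title: "Off-by-one in pagination",
    isSecurityVulnerability: false, filePath: "src/api/users.ts",
    introducedIn: { sha: "b2c3d4e", date: "2024-11-02" } },
  { id: "bug_ghi789", title: "Record with the flag unset",
    filePath: "src/util/log.ts", introducedIn: { sha: "c3d4e5f", date: "2024-11-03" } },
  { id: "bug_jkl012", title: "Hard-coded secret in config loader",
    isSecurityVulnerability: true, filePath: "src/config/load.ts",
    introducedIn: { sha: "d4e5f6a", date: "2024-10-15" } },
  { id: "bug_mno345", title: "Missing authentication check",
    isSecurityVulnerability: true, filePath: "src/auth/session.ts" },
];

// Keep findings whose flag is strictly boolean true, mirroring the page's
// "isSecurityVulnerability === true"; false and unset both drop out.
function securityFindings(bugs) {
  return bugs.filter((b) => b && b.isSecurityVulnerability === true);
}

// Group security findings by file, optionally keeping only those introduced
// on or after sinceDate (ISO "YYYY-MM-DD", compared as strings). Findings with
// no introducedIn date stay in the result and are also listed under undated.
function triage(bugs, sinceDate) {
  const byFile = {};
  const undated = [];
  for (const b of securityFindings(bugs)) {
    const date = b.introducedIn && b.introducedIn.date;
    if (!date) undated.push(b.id);
    else if (sinceDate && date < sinceDate) continue;
    if (!byFile[b.filePath]) byFile[b.filePath] = [];
    byFile[b.filePath].push({ id: b.id, title: b.title, sha: (b.introducedIn && b.introducedIn.sha) || null });
  }
  return { byFile, undated };
}

console.log(JSON.stringify(triage(sampleBugs, "2024-10-20"), null, 2));
```

Keeping undated findings in the output means a record with incomplete introduced-by data is still surfaced for review instead of being lost to the date filter.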

What each security finding includes

Security findings include all the standard bug report fields. The key fields are:
Field | API field | Description
--- | --- | ---
Title | title | Short description of the vulnerability
Summary | summary | Full explanation of the security risk and its potential impact
File path | filePath | File where the vulnerability exists
Introduced by | introducedIn | Commit SHA, date, author, and PR that introduced the code
Security flag | isSecurityVulnerability | Always true for security findings

Subscribe to nightly scan notifications in the Detail dashboard to receive an alert whenever new security vulnerabilities are found in your repositories. Catching vulnerabilities the night they’re introduced is far cheaper than finding them in production.