GitGuardian Agent
This feature is only available for workspaces with a Business plan.
The GitGuardian Agent is currently in private alpha. Features and behavior may change as we iterate based on user feedback.
Interested in trying the Agent? Contact us at support@gitguardian.com or reach out to your CSM or account manager to request access.
The GitGuardian Agent is an AI-powered assistant available in the internal monitoring product that helps you investigate, understand, and remediate secret incidents directly from the GitGuardian dashboard.
In its current private alpha version, the Agent works alongside you in a conversational interface and requires your input to move forward. It can execute actions on your behalf (such as assigning incidents or updating tags), but only after you explicitly approve them. In future releases, the Agent will be able to act autonomously, using your permissions to manage incidents at scale.
Secret redaction: Sensitive values such as the secret itself are always redacted before being sent to the AI model. The Agent does not need to see the actual secret to provide threat analysis or remediation guidance. For more details, see Data security and privacy.
Why use the Agent?
- Contextual expertise: Get threat explanations, remediation plans, and best practice recommendations tailored to each incident's secret type, severity, and exposure context — without leaving the incident page.
- Actions on your behalf: Ask the Agent to assign incidents, manage tags, or update incident details — it will propose the action and wait for your confirmation before executing.
- Security best practices: Responses are grounded in GitGuardian documentation and industry security standards, helping you follow best practices consistently.
Key capabilities
Incident investigation
- Explain threat patterns: Get detailed explanations of why a secret exposure is risky
- Analyze incident context: Understand the scope and potential impact of an incident
- Identify related incidents: Discover patterns across similar incidents
Remediation planning
- Plan remediation steps: Get tailored guidance on how to address specific incidents
- Prioritize actions: Understand which incidents need immediate attention
- Provide best practices: Learn industry-standard approaches to secret management
Incident management
- Update incidents: Modify incident details through natural language commands
- Assign incidents: Delegate incidents to team members for remediation
- Manage custom tags: Add, remove, or organize tags to categorize incidents
- Explore your workspace: Browse monitored sources, detectors, and team members
How it works
The Agent is a conversational assistant available from the incident detail page. When you ask a question or make a request, it:
- Understands your intent using the context of the incident you are viewing and your conversation history.
- Gathers information by querying your incident data, workspace details, or GitGuardian documentation as needed.
- Responds or proposes an action — for read-only queries it answers directly; for write actions (assigning, tagging, updating) it presents the proposed change and waits for your approval.
In its current version, the Agent does not operate autonomously or run tasks in the background. Every interaction is initiated by you and requires your presence in the conversation.
Getting started
To start using the GitGuardian Agent:
- Navigate to an incident detail page in the internal monitoring product of your GitGuardian dashboard
- Look for the Agent interface in the sidebar or dedicated Agent section
- Type your question or request in natural language
- Review the Agent's response and approve any proposed actions
Providing feedback
As the Agent is in private alpha, your feedback is especially valuable. After each response:
- Rate the response: Indicate whether the response was helpful
- Add comments: Provide specific feedback on what could be improved
- Report issues: Let us know if you encounter any problems
This feedback directly shapes how we improve the Agent.
Privacy and security
The GitGuardian Agent operates within your workspace's security boundaries:
- Data isolation: The Agent only accesses data within your workspace
- No training on your data: Your interactions are never used to train or improve AI models
- Secret redaction: Sensitive values are redacted before being sent to the AI model
- Audit logging: All Agent interactions are logged for compliance and review
For a detailed overview of how your data is handled, including encryption, infrastructure, and compliance, see Data security and privacy.
Limitations
- Internal monitoring only: The Agent is currently available only in the internal monitoring product.
- Human oversight required: All write actions require your explicit approval. Critical security decisions should always be reviewed by your team.
- Private alpha: Because the Agent is a private alpha feature, you may encounter rough edges. Your feedback helps us improve.
Next steps
- Learn about Agent tools - Explore the specific tools the Agent uses to help you
- GitGuardian MCP Server - Bring GitGuardian secret detection and incident management to your IDE or CLI using the Model Context Protocol