Dashboard Guide
The Inkog Dashboard provides a visual interface for scanning code, viewing findings, and managing your security posture across all AI agent projects.
Getting Started
Sign Up
- Visit app.inkog.io
- Sign up with GitHub, Google, or email
- Confirm your email address
API Key
For CLI and API integration, generate an API key:
- Click your avatar → Settings
- Navigate to API Keys
- Click Generate New Key
- Copy and store the key securely (shown only once)
# Use with CLI
export INKOG_API_KEY=your_api_key_here
inkog -path .Running Scans
Web Upload
- Navigate to Scan in the sidebar
- Drag and drop files or click to browse
- Select a scan policy:
- Low Noise - Only HIGH/CRITICAL with high confidence
- Balanced - Recommended for most projects
- Comprehensive - All findings, all severities
- Governance - Focus on compliance gaps
- EU AI Act - Specific EU compliance check
- Click Scan
GitHub Integration
- Go to Integrations → GitHub
- Install the Inkog GitHub App
- Select repositories to scan
- Scans run automatically on every push/PR
Understanding Results
Findings Tab
Each finding shows:
| Field | Description |
|---|---|
| Severity | CRITICAL, HIGH, MEDIUM, or LOW |
| Pattern | Type of vulnerability detected |
| Location | File and line number |
| Confidence | How certain the detection is |
| Remediation | Steps to fix the issue |
Click any finding to expand details including:
- Code snippet with highlighted line
- Risk tier (Vulnerability, Risk Pattern, Best Practice)
- Compliance mapping (CWE, OWASP, EU AI Act)
- Remediation steps with code examples
Topology View
The topology graph visualizes your agent’s architecture:
| Node Color | Meaning |
|---|---|
| Green | Safe - no issues |
| Blue | Low risk |
| Amber | Medium risk |
| Orange | High risk |
| Red | Critical - immediate attention |
| Red dashed | Missing control (ghost node) |
Click any node to see:
- Related findings
- Risk factors
- File location
Governance Score
The governance panel shows compliance status across frameworks:
- EU AI Act - Article compliance status
- NIST AI RMF - MAP/MEASURE/MANAGE categories
- ISO 42001 - AI management system requirements
- OWASP LLM Top 10 - Security best practices
Each framework shows:
- Overall pass/partial/fail status
- Finding counts per requirement
- Drill-down to specific violations
Managing Projects
Create Project
- Click New Project
- Enter project name and description
- Optionally connect to a GitHub repository
- Configure default scan policy
Project Settings
- Policies - Set default scan thresholds
- Notifications - Configure alert channels
- Team - Add collaborators
- Integrations - Connect CI/CD pipelines
Exporting Reports
PDF Report
- Open any scan result
- Click Export → PDF
- Report includes:
- Executive summary
- Finding details
- Compliance mapping
- Remediation guidance
SARIF Export
For integration with code editors and CI systems:
- Click Export → SARIF
- Import into VS Code, GitHub Security, etc.
JSON Export
Raw data for custom integrations:
curl https://api.inkog.io/v1/scans/{scan_id} \
-H "Authorization: Bearer YOUR_API_KEY"Feedback & Calibration
Help improve detection accuracy:
- Click a finding
- Click Mark as False Positive or Confirm
- Optionally add notes explaining your decision
Over time, calibrated confidence scores will better reflect your codebase patterns. See Confidence Calibration for details.
Keyboard Shortcuts
| Shortcut | Action |
|---|---|
j/k | Navigate findings |
Enter | Open finding details |
Esc | Close panel |
f | Mark as false positive |
t | Mark as true positive |
/ | Search |
Related
- Installation - CLI setup
- Configuration - Policy options
- API Reference - Programmatic access
Last updated on