Deep-dive investigations

Phase 6 agentic investigation detail at /findings/deep-dive?finding=<id>. Available on the Developer edition.

Deep-dive detail

What you see

  • Original finding — severity, category, file, line, description
  • Investigation trace — each step the agent took: tool call, args, tool result
  • Verdict — confirmed, dismissed, or uncertain, with the agent's justification
  • Context panels — callers, callees with roles, auth coverage, and any source snippets fetched

What you can do

  • Accept the verdict to mark the finding accordingly in the knowledge graph
  • Override the verdict if you disagree — your decision persists in ~/.foil/foil.db
  • Copy the JSON trace for sharing or archiving the full investigation

How it's produced

Deep-dive is the UI for --deep scans. The Phase 6 loop uses four read-only inspector tools:

  • get_function_body
  • trace_variable_origin
  • check_auth_coverage
  • list_callers_with_roles

See CLI: investigations for the CLI equivalent.