How to Use the Astranaut Chatbot for Contextual Vulnerability Guidance

Introduction

The Astranaut Bot is an AI-powered assistant built into the vulnerability details view. It provides instant, context-aware answers about specific vulnerabilities found in your target — without needing to explain the background each time. This guide shows you how to access and get the most out of the Astranaut Bot.

Prerequisites

• Access to the Astra dashboard

• At least one completed scan with reported vulnerabilities

• AI Features enabled for your target (enabled by default)

Accessing the Astranaut Bot

1. Log in to your Astra dashboard

2. Navigate to Vulnerabilities in the left sidebar

3. Click on any vulnerability to open the Vulnerability Details sheet

4. Scroll to the bottom of the details page

5. Click the Astranaut Bot tab under the Comments section

The bot automatically loads the context of the vulnerability you are viewing — you do not need to describe the issue before asking your question.

What You Can Ask

The Astranaut Bot is designed to answer questions specific to the vulnerability you are viewing. Common questions include:

• "Need more clarity on this vulnerability"

• "How does this impact us?"

• "How can we fix this? Can you share some steps?"

• "On what basis has the severity been assigned?"

• "How can we reproduce this?"

Escalating to a Pentester

If your vulnerability was reported as part of a manual pentest, you will see an option to escalate the conversation directly to one of Astra's security engineers from the same view. This is available to Pentest Plan customers only.

Expected Outcome

The bot responds with context-aware guidance tailored to the specific vulnerability you are viewing. Responses typically cover impact, remediation steps, severity rationale, and reproduction steps based on the vulnerability details.

Important Notes

• Conversations with the Astranaut Bot are private and not visible to other workspace members

• The bot may occasionally produce inaccurate or incomplete answers — always review responses before applying changes to your environment

• Do not share sensitive information such as access tokens, credentials, or private keys in the chat

• The bot is trained on Astra's vulnerability data and industry best practices but is not a substitute for expert review

Troubleshooting

Astranaut Bot tab is not visible

• Confirm that AI Features are enabled for your target. Go to Target Settings → General Settings → Basic Information → Enable AI Features and ensure the toggle is on.

• If the toggle is off, enable it and return to the vulnerability details page.

Bot responses seem generic or unrelated to the vulnerability

• Ensure you are accessing the bot from within a specific vulnerability details sheet and not from the general Vulnerabilities list page. The bot requires vulnerability context to respond accurately.

Escalate to Pentester option is not visible

• This option is only available for vulnerabilities reported during a manual pentest and is restricted to Pentest Plan customers. Automated scan vulnerabilities do not include this option.

AI Features have been disabled for my workspace

• Contact your Workspace Admin to re-enable AI Features under Target Settings. Individual users cannot override workspace-level AI settings.

Next Steps

• Overview of Vulnerabilities Page

• How to Request a Rescan After Fixing Vulnerabilities

• How to mark a vulnerability as a false positive

• What are false positives and how to work with them