Portfolio and subprocessor analysis

Which of our vendors use AWS as a subprocessor?

Which of our vendors use AWS as a subprocessor, and what is the current risk tier for each?

The assistant calls search_soc2_nth_party_usage with relevant aliases (AWS, Amazon Web Services, S3, EC2), gets back the list of dependent vendors, then calls get_vendor_risk_summary for each to surface tier and open findings count.

Blast-radius analysis during an incident

A major Snowflake outage is happening. Show me every vendor in our portfolio that depends on Snowflake, sorted by criticality.

Same pattern, scoped to Snowflake. The assistant can also pull recent radar alerts for the affected vendors to see if any have already filed incident notifications.
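Both prompts above compose the same join: one tool returns the vendors that depend on the named subprocessor, a second returns each vendor's risk, and the assistant merges and orders the result. The Python below is an added example of that composition, not code from the page or the product. The tool names are the page's; the response fields (vendor_id, vendor_name, matched_alias, tier, open_findings), the in-memory stand-ins for the two tools, the sample vendors and the criticality ordering are constructed assumptions. It generalises the AWS case to any alias set, so the same function answers the Snowflake question.

```python
"""Blast-radius join over two tool results (added example; assumed schemas)."""
from __future__ import annotations

# Constructed sample of what search_soc2_nth_party_usage might return.
# One row per (vendor, alias) match, so a vendor can appear more than once.
NTH_PARTY_USAGE = [
    {"vendor_id": "v_acme", "vendor_name": "Acme Corp", "matched_alias": "Amazon Web Services"},
    {"vendor_id": "v_globex", "vendor_name": "Globex", "matched_alias": "S3"},
    {"vendor_id": "v_initech", "vendor_name": "Initech", "matched_alias": "EC2"},
    {"vendor_id": "v_acme", "vendor_name": "Acme Corp", "matched_alias": "S3"},
    {"vendor_id": "v_umbrella", "vendor_name": "Umbrella", "matched_alias": "Snowflake"},
]

# Constructed sample of get_vendor_risk_summary responses, keyed by vendor ID.
RISK_SUMMARIES = {
    "v_acme": {"tier": 1, "open_findings": 3},
    "v_globex": {"tier": 2, "open_findings": 0},
    "v_initech": {"tier": 3, "open_findings": 5},
    "v_umbrella": {"tier": 2, "open_findings": 1},
}


def search_soc2_nth_party_usage(aliases):
    """Hypothetical stand-in for the tool: case-insensitive alias match."""
    wanted = {a.lower() for a in aliases}
    return [r for r in NTH_PARTY_USAGE if r["matched_alias"].lower() in wanted]


def get_vendor_risk_summary(vendor_id):
    """Hypothetical stand-in for the tool."""
    return RISK_SUMMARIES[vendor_id]


def blast_radius(aliases):
    """Vendors depending on any alias, one row per vendor, most critical first.

    Criticality here is lowest tier number, then most open findings, then
    name; that ordering is an assumption, not the product's definition."""
    by_vendor = {}
    for row in search_soc2_nth_party_usage(aliases):
        # Deduplicate: a vendor matched on several aliases is still one vendor.
        entry = by_vendor.setdefault(row["vendor_id"], {
            "vendor_name": row["vendor_name"],
            "matched_aliases": set(),
        })
        entry["matched_aliases"].add(row["matched_alias"])

    report = []
    for vendor_id, entry in by_vendor.items():
        summary = get_vendor_risk_summary(vendor_id)  # one call per dependent vendor
        report.append({
            "vendor_id": vendor_id,
            "vendor_name": entry["vendor_name"],
            "matched_aliases": sorted(entry["matched_aliases"]),
            "tier": summary["tier"],
            "open_findings": summary["open_findings"],
        })
    report.sort(key=lambda r: (r["tier"], -r["open_findings"], r["vendor_name"]))
    return report


if __name__ == "__main__":
    for row in blast_radius(["AWS", "Amazon Web Services", "S3", "EC2"]):
        print(f"tier {row['tier']}  {row['vendor_name']:<10} "
              f"{row['open_findings']} open findings  via {', '.join(row['matched_aliases'])}")
```

The deduplication step matters for the incident use: a vendor whose SOC 2 report mentions both S3 and EC2 would otherwise be counted twice and inflate the radius.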
Top-N highest-risk vendors with key findings

Build me a one-page report of our top 10 highest-risk vendors with their key open findings.

The assistant calls get_portfolio_risk_report with top_n=10, then drills into each vendor with get_vendor_detail to extract the relevant findings.

Vendor profiles and assessments
Full vendor risk summary

Give me a full risk summary for Acme Corp, including any open findings and recent radar alerts.

The assistant calls search_vendors to resolve the name to an ID, then get_vendor_detail to pull the consolidated profile in a single call.

Assessment review prep

Summarize assessment cbassmt_abc123 and list the controls that need human review.

The assistant calls get_assessment_detail and surfaces the control evaluations that are flagged or have open findings, so the reviewer can focus on what matters.

Assessment backlog visibility

What does the assessment backlog look like? How many are in progress, and who owns each?

The assistant pulls get_report(report_name="review_queue") for the count of open / in-progress assessments and their owners, or get_report(report_name="assessment_metrics") for the rolling-window throughput view. (Assessment statuses are workflow stages such as collecting_documents, analyzing_questionnaire, and review_evals — there is no single in_progress status — so the review-queue report is the right tool for the backlog.)

Program health and continuous monitoring
Weekly program standup

What is happening across our TPRM program this week? Show me recent assessments, open findings, and radar alerts.

The assistant calls get_org_activity_digest with days=7 and reasonable limits. This is the single most useful prompt for a daily standup or weekly review.

Overdue findings by owner

Show me every vendor with overdue findings and their owners so I can chase them.

The assistant calls get_findings_detail org-wide with a status filter for open and a date filter for past-due, then groups the results by assignee.

Tier-1 radar check

Are there any new radar alerts on our tier-1 vendors in the past 24 hours?

The assistant calls list_radar_alerts filtered by vendor ID for the tier-1 list, or asks get_org_activity_digest for a 1-day window.
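The overdue-findings and tier-1 radar prompts above are both filter-and-group passes over tool output: keep only open findings past their due date and bucket by owner; keep only alerts on tier-1 vendors inside a time window. The Python below is an added example of both, not code from the page or the product. get_findings_detail and list_radar_alerts are the page's tool names, but the record fields, the sample findings and alerts, the tier lookup and the fixed reference date are constructed assumptions. Unassigned overdue findings get their own bucket so they are not silently dropped.

```python
"""Overdue-findings roll-up and windowed tier-1 alert check (added example)."""
from __future__ import annotations
from collections import defaultdict
from datetime import date, datetime, timedelta, timezone

# Constructed sample of get_findings_detail output, org-wide. Fields assumed.
FINDINGS = [
    {"id": "f1", "vendor": "Acme Corp", "title": "No encryption-at-rest evidence",
     "status": "open", "due": "2024-05-01", "assignee": "dana"},
    {"id": "f2", "vendor": "Globex", "title": "Stale pen-test report",
     "status": "open", "due": "2024-05-20", "assignee": "dana"},      # not yet due
    {"id": "f3", "vendor": "Initech", "title": "MFA not enforced for admins",
     "status": "open", "due": "2024-04-15", "assignee": None},        # nobody owns it
    {"id": "f4", "vendor": "Initech", "title": "Missing DPA",
     "status": "closed", "due": "2024-03-01", "assignee": "lee"},     # closed: never overdue
    {"id": "f5", "vendor": "Acme Corp", "title": "Vendor BCP untested",
     "status": "open", "due": "2024-06-30", "assignee": "lee"},       # not yet due
]


def overdue_by_owner(findings, today):
    """Open findings whose due date is before `today`, grouped by assignee.

    Findings with no assignee land in an 'unassigned' bucket; each bucket is
    sorted most-overdue first so the chase list starts with the worst."""
    groups = defaultdict(list)
    for f in findings:
        if f["status"] != "open":
            continue
        due = date.fromisoformat(f["due"])
        if due >= today:
            continue
        owner = f["assignee"] or "unassigned"
        groups[owner].append({"vendor": f["vendor"], "title": f["title"],
                              "days_overdue": (today - due).days})
    for bucket in groups.values():
        bucket.sort(key=lambda r: -r["days_overdue"])
    return dict(groups)


# Constructed sample of list_radar_alerts output and a tier lookup the
# assistant would already hold from get_vendor_risk_summary. Fields assumed.
TIERS = {"v_acme": 1, "v_globex": 2, "v_initech": 1}
ALERTS = [
    {"id": "ra1", "vendor_id": "v_acme", "title": "Breach disclosure",
     "created_at": "2024-05-10T09:30:00+00:00"},
    {"id": "ra2", "vendor_id": "v_globex", "title": "Credential leak",
     "created_at": "2024-05-10T08:00:00+00:00"},                      # tier 2: out of scope
    {"id": "ra3", "vendor_id": "v_initech", "title": "Outage",
     "created_at": "2024-05-08T12:00:00+00:00"},                      # tier 1 but older
]


def recent_tier1_alerts(alerts, tiers, now, hours=24):
    """Alerts on tier-1 vendors created within the last `hours`, newest first.

    `now` must be timezone-aware to compare with the ISO-8601 timestamps."""
    cutoff = now - timedelta(hours=hours)
    hits = [a for a in alerts
            if tiers.get(a["vendor_id"]) == 1
            and datetime.fromisoformat(a["created_at"]) >= cutoff]
    hits.sort(key=lambda a: a["created_at"], reverse=True)
    return hits


if __name__ == "__main__":
    for owner, rows in overdue_by_owner(FINDINGS, date(2024, 5, 10)).items():
        print(owner, rows)
    now = datetime(2024, 5, 10, 12, 0, tzinfo=timezone.utc)
    print([a["id"] for a in recent_tier1_alerts(ALERTS, TIERS, now)])
```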
Contracts and obligations

Expiring contracts with unresolved findings

What contracts expire in the next 90 days, and which of those vendors have unresolved findings?

The assistant calls search_contracts with the date filter, then for each result calls search_findings scoped to that vendor.

Unassigned upcoming obligations

Are there any obligations coming due next month that have not been assigned to anyone?

The assistant calls search_obligations filtered by due date and missing assignee.

Bill of materials
Latest SBOM and its components

Show me the latest software bill of materials for vendor Acme and list its components.

The assistant calls search_vendors to resolve the name, then query_vendors(kind="bill_of_materials", vendor_id=…) to pull the current applied BOM and its components in one call.

License screening

Does Acme’s current SBOM include any GPL-licensed components?

Same bill_of_materials call; the assistant then filters the returned components by their licenses.

AIBOM models and datasets

What AI models and datasets are in Acme’s AIBOM?

The assistant pulls the latest BOM and surfaces the machine-learning-model and data components.

Hardware BOM components

Pull the components from Acme’s latest hardware BOM.

The assistant calls query_vendors(kind="bill_of_materials", vendor_id=…) and lists the hardware components.

History and what's applied

List every bill of materials we’ve received from Acme over time — which one is currently applied?

The assistant calls query_vendors(kind="bill_of_materials_history", vendor_id=…). The list comes back newest first; the first entry is the applied one.

Trace a component through history

Has Acme ever shipped a BOM that contained openssl? Show the history.

The assistant calls query_vendors(kind="bill_of_materials_history", vendor_id=…) and checks each BOM’s components for the match, tracing every hit back to its source document.
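The License screening, AIBOM and Trace a component prompts above all run over the same bill_of_materials_history result, so one added Python example covers them here. It is not code from the page or the product: the query_vendors call and the newest-first, first-is-applied ordering come from the page, while the CycloneDX-style component fields (name, version, type, licenses), the source_document field and the three sample BOMs are constructed assumptions. License matching is by SPDX identifier prefix; LGPL is excluded by default because whether it counts as "GPL-licensed" is a policy decision, so the prefix list is a parameter.

```python
"""License screening, AIBOM filtering and component tracing over a BOM history
(added example; record layout and sample data are assumptions)."""
from __future__ import annotations

# Constructed stand-in for the result of
# query_vendors(kind="bill_of_materials_history", vendor_id=...).
# Newest first; the first entry is the currently applied BOM (as the page states).
BOM_HISTORY = [
    {"id": "bom_3", "received_at": "2024-05-01", "source_document": "acme-sbom-2024-05.json",
     "components": [
         {"name": "openssl", "version": "3.0.13", "type": "library", "licenses": ["Apache-2.0"]},
         {"name": "readline", "version": "8.2", "type": "library", "licenses": ["GPL-3.0-only"]},
         {"name": "fraud-scorer", "version": "2.1", "type": "machine-learning-model",
          "licenses": ["Proprietary"]},
         {"name": "txn-history-2023", "version": "1", "type": "data", "licenses": ["Proprietary"]},
     ]},
    {"id": "bom_2", "received_at": "2024-02-01", "source_document": "acme-sbom-2024-02.json",
     "components": [
         {"name": "libressl", "version": "3.8.2", "type": "library", "licenses": ["ISC"]},
         {"name": "glib", "version": "2.78", "type": "library", "licenses": ["LGPL-2.1-or-later"]},
     ]},
    {"id": "bom_1", "received_at": "2023-11-01", "source_document": "acme-sbom-2023-11.json",
     "components": [
         {"name": "OpenSSL", "version": "1.1.1w", "type": "library", "licenses": ["OpenSSL"]},
     ]},
]


def applied_bom(history):
    """The currently applied BOM is the newest entry."""
    return history[0]


def screen_licenses(bom, prefixes=("GPL-", "AGPL-")):
    """Components carrying a license whose SPDX id starts with any prefix.

    Pass prefixes=("GPL-", "AGPL-", "LGPL-") if LGPL should count too."""
    pref = tuple(prefixes)
    hits = []
    for c in bom["components"]:
        matched = [lic for lic in c["licenses"] if lic.startswith(pref)]
        if matched:
            hits.append({"name": c["name"], "version": c["version"], "licenses": matched})
    return hits


def components_of_type(bom, types=("machine-learning-model", "data")):
    """Names of the AI-relevant components (models and datasets) in a BOM."""
    return [c["name"] for c in bom["components"] if c["type"] in types]


def trace_component(history, name):
    """Every BOM in history that contains the component, newest first.

    Matching is case-insensitive on the component name, and each hit is tied
    back to the BOM it came from and that BOM's source document."""
    wanted = name.lower()
    trail = []
    for index, bom in enumerate(history):
        for c in bom["components"]:
            if c["name"].lower() == wanted:
                trail.append({"bom_id": bom["id"], "received_at": bom["received_at"],
                              "version": c["version"],
                              "source_document": bom["source_document"],
                              "applied": index == 0})
    return trail


if __name__ == "__main__":
    current = applied_bom(BOM_HISTORY)
    print("GPL-family components:", screen_licenses(current))
    print("AIBOM components:", components_of_type(current))
    for hit in trace_component(BOM_HISTORY, "openssl"):
        print(hit)
```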
Write actions, with confirmation

Add a note to a vendor

Add a note to vendor Acme Corp: following up with their security team next week.

The assistant proposes: “I am about to add a note to Acme Corp with the text ‘following up with their security team next week.’ Confirm?” After your approval, it calls add_note with confirm=true.

Create a finding on an assessment

Create a finding on assessment cbassmt_abc123 titled “Missing encryption at rest evidence” and assign it to me.

The assistant proposes the finding (title, body, assessment ID, assignee), waits for confirmation, then calls create_finding_tool.

Update a vendor's risk tier

Update the risk tier of vendor Globex to Tier 1.

The assistant proposes the change to the vendor status, confirms, then calls update_vendor_tool with the relevant status ID.

Log a radar event for a vendor

Log a radar event for Acme Corp: they disclosed a data breach today.

The assistant proposes the event (name, summary, impact type, vendor), waits for confirmation, then calls mutate(entity="radar_event", action="create", data={..., "confirm": true}).

Dismiss a noisy radar alert

That radar alert about Acme is a duplicate — dismiss it and suppress similar ones.

The assistant proposes the dismissal (alert ID, reason, suppress_similar), confirms, then calls mutate(entity="radar_alert", action="dismiss", data={..., "confirm": true}).

Reassess a vendor after an event

Kick off a reassessment of Acme Corp because of that breach event.

The assistant lists reassessments via query_radar(kind="reassessments") to check for an existing one, then proposes a new reassessment (radar event, vendors, optional plan) and calls mutate(entity="reassessment", action="create", data={..., "confirm": true}). This never opens a case.
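Every write action in this section follows the same propose, confirm, mutate sequence, and the last one adds a read-before-write check for an existing reassessment. The Python below is an added example of that pattern as an assistant-side client would implement it, not the product's code. mutate and query_radar are the page's tool names and the confirm flag is the page's, but the in-memory store standing in for the service, the record fields, the placeholder radar event ID and the PermissionError raised on an unconfirmed write are assumptions. The stand-in enforces confirm on the tool side as well, so the proposal step is not the only gate.

```python
"""Confirmation-gated writes: propose, wait for approval, then mutate with
confirm=true (added example; store and schemas are assumptions)."""
from __future__ import annotations
import itertools

_ids = itertools.count(1)
# Constructed in-memory stand-in for the service behind mutate/query_radar.
STORE = {"note": [], "radar_event": [], "reassessment": []}


def query_radar(kind):
    """Hypothetical stand-in for the read tool; only kind="reassessments" is modelled."""
    if kind != "reassessments":
        raise ValueError(f"unsupported kind {kind!r}")
    return list(STORE["reassessment"])


def mutate(entity, action, data):
    """Hypothetical stand-in for the write tool.

    Refuses any payload that does not carry confirm=true, so a client that
    skips the confirmation step cannot write. Only action="create" is modelled."""
    if data.get("confirm") is not True:
        raise PermissionError(f"{entity}.{action} requires confirm=true")
    if action != "create":
        raise ValueError(f"unsupported action {action!r}")
    record = {k: v for k, v in data.items() if k != "confirm"}  # flag is not stored
    record["id"] = f"{entity}_{next(_ids)}"
    STORE[entity].append(record)
    return record


def propose(entity, action, data):
    """Build the plain-language proposal shown to the user before any write.

    The payload is kept without a confirm flag until approval is given."""
    fields = ", ".join(f"{k}={v!r}" for k, v in data.items())
    noun = entity.replace("_", " ")
    return {"entity": entity, "action": action, "data": dict(data),
            "text": f"I am about to {action} a {noun} with {fields}. Confirm?"}


def execute(proposal, approved):
    """Only an explicit approval adds confirm=true and calls mutate.

    Returns the created record, or None when the user declined."""
    if not approved:
        return None
    payload = {**proposal["data"], "confirm": True}
    return mutate(proposal["entity"], proposal["action"], payload)


def reassess_after_event(radar_event_id, vendor_ids, approved):
    """Reuse an existing reassessment for the event; otherwise propose a new one.

    Returns (record_or_None, status) where status is 'existing', 'created'
    or 'declined'. No case is opened in any branch."""
    for existing in query_radar("reassessments"):
        if existing["radar_event_id"] == radar_event_id:
            return existing, "existing"
    proposal = propose("reassessment", "create",
                       {"radar_event_id": radar_event_id, "vendor_ids": list(vendor_ids)})
    created = execute(proposal, approved)
    return created, ("created" if created else "declined")


if __name__ == "__main__":
    p = propose("radar_event", "create",
                {"vendor_id": "v_acme", "name": "Data breach disclosed", "impact_type": "breach"})
    print(p["text"])
    event = execute(p, approved=True)
    print(reassess_after_event(event["id"], ["v_acme"], approved=True))
    print(reassess_after_event(event["id"], ["v_acme"], approved=True))  # reuses the first
```

The proposal text mirrors the page's "I am about to ... Confirm?" phrasing, and the duplicate check in reassess_after_event is the read-before-write the last prompt describes.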