Use these as inspiration, not a script. The patterns below cover the workflows most customers run on a daily and weekly basis.

Portfolio and subprocessor analysis

Which of our vendors use AWS as a subprocessor?

Which of our vendors use AWS as a subprocessor, and what is the current risk tier for each?
The assistant calls search_soc2_nth_party_usage with relevant aliases (AWS, Amazon Web Services, S3, EC2), gets back the list of dependent vendors, then calls get_vendor_risk_summary for each to surface tier and open findings count.
A major Snowflake outage is happening. Show me every vendor in our portfolio that depends on Snowflake, sorted by criticality.
Same pattern, scoped to Snowflake. The assistant can also pull recent radar alerts for the affected vendors to see if any have already filed incident notifications.
Build me a one-page report of our top 10 highest-risk vendors with their key open findings.
The assistant calls get_portfolio_risk_report with top_n=10, then drills into each vendor with get_vendor_detail to extract the relevant findings.

Vendor profiles and assessments

Give me a full risk summary for Acme Corp, including any open findings and recent radar alerts.
The assistant calls search_vendors to resolve the name to an ID, then get_vendor_detail to pull the consolidated profile in a single call.
Summarize assessment cbassmt_abc123 and list the controls that need human review.
The assistant calls get_assessment_detail and surfaces the control evaluations that are flagged or have open findings, so the reviewer can focus on what matters.
What does the assessment backlog look like? How many are in progress, and who owns each?
The assistant calls search_assessments with status=in_progress and groups by assignee, or pulls get_assessment_metrics for the rolling window view.

Program health and continuous monitoring

Weekly program standup

What is happening across our TPRM program this week? Show me recent assessments, open findings, and radar alerts.
The assistant calls get_org_activity_digest with days=7 and reasonable limits. This is the single most useful prompt for a daily standup or weekly review.
Show me every vendor with overdue findings and their owners so I can chase them.
The assistant calls get_findings_detail org-wide with a status filter for open and a date filter for past-due, then groups by assignee.
Are there any new radar alerts on our tier-1 vendors in the past 24 hours?
The assistant calls list_radar_alerts filtered by vendor ID for the tier-1 list, or asks get_org_activity_digest for a 1-day window.

Contracts and obligations

What contracts expire in the next 90 days, and which of those vendors have unresolved findings?
The assistant calls search_contracts with the date filter, then for each result calls search_findings scoped to that vendor.
Are there any obligations coming due next month that have not been assigned to anyone?
The assistant calls search_obligations filtered by due date and missing assignee.

Write actions, with confirmation

Every write tool requires the assistant to propose the action in chat and wait for your explicit approval. The examples below show the pattern.
Add a note to vendor Acme Corp: following up with their security team next week.
The assistant proposes: “I am about to add a note to Acme Corp with the text ‘following up with their security team next week.’ Confirm?” After your approval, it calls add_note with confirm=true.
Create a finding on assessment cbassmt_abc123 titled “Missing encryption at rest evidence” and assign it to me.
The assistant proposes the finding (title, body, assessment ID, assignee), waits for confirmation, then calls create_finding_tool.
Update the risk tier of vendor Globex to Tier 1.
The assistant proposes the change to the vendor status, waits for your confirmation, then calls update_vendor_tool with the relevant status ID.
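
The propose-then-approve pattern above, sketched as a client-side gate that ties each approval to the exact arguments the user was shown. This is an added example, not Coverbase code: the ConfirmationGate class, the dispatch callable and the argument names are assumptions, and only the tool names and the confirm flag come from this page.

```python
import hashlib
import json

# Write tools named on this page. Argument names and the dispatch callable are
# hypothetical; the page shows confirm=true only for add_note, so sending it
# with the other write tools is an assumption.
WRITE_TOOLS = {"add_note", "create_finding_tool", "update_vendor_tool"}


class ConfirmationGate:
    """Hold a proposed write call until the user approves those exact arguments."""

    def __init__(self, dispatch):
        self._dispatch = dispatch  # callable(tool, args) that performs the call
        self._pending = set()      # ids of proposals awaiting a decision

    @staticmethod
    def _digest(tool, args):
        blob = json.dumps([tool, args], sort_keys=True, separators=(",", ":"))
        return hashlib.sha256(blob.encode()).hexdigest()[:16]

    def propose(self, tool, args):
        if tool not in WRITE_TOOLS:
            raise ValueError(f"{tool} is not a write tool")
        if "confirm" in args:
            raise PermissionError("confirm is set by the gate, never by the caller")
        pid = self._digest(tool, args)
        self._pending.add(pid)
        text = f"I am about to call {tool} with {json.dumps(args, sort_keys=True)}. Confirm?"
        return pid, text

    def execute(self, pid, tool, args, approved):
        # Each proposal is single use: consume it before any other check.
        if pid not in self._pending:
            raise PermissionError("no pending proposal with this id")
        self._pending.discard(pid)
        if not approved:
            return None
        # The approval covers only the arguments the user was shown.
        if self._digest(tool, args) != pid:
            raise PermissionError("arguments differ from the approved proposal")
        return self._dispatch(tool, {**args, "confirm": True})
```

Because the proposal id is a digest of the tool name and arguments, an approval cannot be reused for a different note, finding or vendor, and a declined or already-executed proposal cannot be replayed.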