# Example prompts

> Realistic prompts that exercise the core MCP server workflows.

Use these as inspiration, not a script. The patterns below cover the workflows most customers run on a daily and weekly basis.

## Portfolio and subprocessor analysis

<AccordionGroup>
  <Accordion title="Which of our vendors use AWS as a subprocessor?" defaultOpen icon="diagram-project">
    > Which of our vendors use AWS as a subprocessor, and what is the current risk tier for each?

    The assistant calls `search_soc2_nth_party_usage` with relevant aliases (AWS, Amazon Web Services, S3, EC2), gets back the list of dependent vendors, then calls `get_vendor_risk_summary` for each to surface tier and open findings count.
  </Accordion>

  <Accordion title="Blast-radius analysis during an incident" icon="explosion">
    > A major Snowflake outage is happening. Show me every vendor in our portfolio that depends on Snowflake, sorted by criticality.

    Same pattern, scoped to Snowflake. The assistant can also pull recent radar alerts for the affected vendors to see if any have already filed incident notifications.
  </Accordion>

  <Accordion title="Top-N highest-risk vendors with key findings" icon="chart-simple">
    > Build me a one-page report of our top 10 highest-risk vendors with their key open findings.

    The assistant calls `get_portfolio_risk_report` with `top_n=10`, then drills into each vendor with `get_vendor_detail` to extract the relevant findings.
  </Accordion>
</AccordionGroup>

## Vendor profiles and assessments

<AccordionGroup>
  <Accordion title="Full vendor risk summary" icon="building">
    > Give me a full risk summary for Acme Corp, including any open findings and recent radar alerts.

    The assistant calls `search_vendors` to resolve the name to an ID, then `get_vendor_detail` to pull the consolidated profile in a single call.
  </Accordion>

  <Accordion title="Assessment review prep" icon="clipboard-check">
    > Summarize assessment cbassmt\_abc123 and list the controls that need human review.

    The assistant calls `get_assessment_detail` and surfaces the control evaluations that are flagged or have open findings, so the reviewer can focus on what matters.
  </Accordion>

  <Accordion title="Assessment backlog visibility" icon="list-check">
    > What does the assessment backlog look like? How many are in progress, and who owns each?

    The assistant pulls `get_report(report_name="review_queue")` for the count of open / in-progress assessments and their owners, or `get_report(report_name="assessment_metrics")` for the rolling-window throughput view. (Assessment statuses are workflow stages such as `collecting_documents`, `analyzing_questionnaire`, and `review_evals` — there is no single `in_progress` status — so the review-queue report is the right tool for backlog.)
  </Accordion>
</AccordionGroup>

## Program health and continuous monitoring

<AccordionGroup>
  <Accordion title="Weekly program standup" defaultOpen icon="calendar-week">
    > What is happening across our TPRM program this week? Show me recent assessments, open findings, and radar alerts.

    The assistant calls `get_org_activity_digest` with `days=7` and reasonable limits. This is the single most useful prompt for a daily standup or weekly review.
  </Accordion>

  <Accordion title="Overdue findings by owner" icon="user-clock">
    > Show me every vendor with overdue findings and their owners so I can chase them.

    The assistant calls `get_findings_detail` org-wide with a status filter for open and a date filter for past-due, then groups by assignee.
  </Accordion>

  <Accordion title="Tier-1 radar check" icon="satellite-dish">
    > Are there any new radar alerts on our tier-1 vendors in the past 24 hours?

    The assistant calls `list_radar_alerts` filtered by vendor ID for the tier-1 list, or asks `get_org_activity_digest` for a 1-day window.
  </Accordion>
</AccordionGroup>

## Contracts and obligations

<AccordionGroup>
  <Accordion title="Expiring contracts with unresolved findings" icon="file-contract">
    > What contracts expire in the next 90 days, and which of those vendors have unresolved findings?

    The assistant calls `search_contracts` with the date filter, then for each result calls `search_findings` scoped to that vendor.
  </Accordion>

  <Accordion title="Unassigned upcoming obligations" icon="circle-question">
    > Are there any obligations coming due next month that have not been assigned to anyone?

    The assistant calls `search_obligations` filtered by due date and missing assignee.
  </Accordion>
</AccordionGroup>

## Bill of materials

<AccordionGroup>
  <Accordion title="Latest SBOM and its components" defaultOpen icon="cubes">
    > Show me the latest software bill of materials for vendor Acme and list its components.

    The assistant calls `search_vendors` to resolve the name, then `query_vendors(kind="bill_of_materials", vendor_id=…)` to pull the current applied BOM and its components in one call.
  </Accordion>

  <Accordion title="License screening" icon="scale-balanced">
    > Does Acme's current SBOM include any GPL-licensed components?

    Same `bill_of_materials` call, then the assistant filters the returned components by their `licenses`.
  </Accordion>

  <Accordion title="AIBOM models and datasets" icon="robot">
    > What AI models and datasets are in Acme's AIBOM?

    The assistant pulls the latest BOM and surfaces the `machine-learning-model` and `data` components.
  </Accordion>

  <Accordion title="Hardware BOM components" icon="microchip">
    > Pull the components from Acme's latest hardware BOM.

    The assistant calls `query_vendors(kind="bill_of_materials", vendor_id=…)` and lists the hardware components.
  </Accordion>

  <Accordion title="History and what's applied" icon="clock-rotate-left">
    > List every bill of materials we've received from Acme over time — which one is currently applied?

    The assistant calls `query_vendors(kind="bill_of_materials_history", vendor_id=…)`. The list comes back newest first; the first entry is the applied one.
  </Accordion>

  <Accordion title="Trace a component through history" icon="magnifying-glass-chart">
    > Has Acme ever shipped a BOM that contained `openssl`? Show the history.

    The assistant calls `query_vendors(kind="bill_of_materials_history", vendor_id=…)` and checks each BOM's components for the match, tracing every hit back to its source document.
  </Accordion>
</AccordionGroup>

<Tip>
  **Under the hood:** these resolve to `query_vendors(kind="bill_of_materials", vendor_id=…)` or `query_vendors(kind="bill_of_materials_history", vendor_id=…)` — both read-only and user/org-scoped. See the [Bill of Materials API](/api-reference/bill-of-materials#mcp-assistant-access) for the full argument list.
</Tip>

## Write actions, with confirmation

<Warning>
  Every write tool requires the assistant to propose the action in chat and wait for your explicit approval. The examples below show the pattern.
</Warning>

<AccordionGroup>
  <Accordion title="Add a note to a vendor" icon="note-sticky">
    > Add a note to vendor Acme Corp: following up with their security team next week.

    The assistant proposes: *"I am about to add a note to Acme Corp with the text 'following up with their security team next week.' Confirm?"* After your approval, it calls `add_note` with `confirm=true`.
  </Accordion>

  <Accordion title="Create a finding on an assessment" icon="flag">
    > Create a finding on assessment cbassmt\_abc123 titled "Missing encryption at rest evidence" and assign it to me.

    The assistant proposes the finding (title, body, assessment ID, assignee), waits for confirmation, then calls `create_finding_tool`.
  </Accordion>

  <Accordion title="Update a vendor's risk tier" icon="arrow-up-right-dots">
    > Update the risk tier of vendor Globex to Tier 1.

    The assistant proposes the change to the vendor status, confirms, then calls `update_vendor_tool` with the relevant status ID.
  </Accordion>

  <Accordion title="Log a radar event for a vendor" icon="satellite-dish">
    > Log a radar event for Acme Corp: they disclosed a data breach today.

    The assistant proposes the event (name, summary, impact type, vendor), waits for confirmation, then calls `mutate(entity="radar_event", action="create", data={..., "confirm": true})`.
  </Accordion>

  <Accordion title="Dismiss a noisy radar alert" icon="bell-slash">
    > That radar alert about Acme is a duplicate — dismiss it and suppress similar ones.

    The assistant proposes the dismissal (alert ID, reason, `suppress_similar`), confirms, then calls `mutate(entity="radar_alert", action="dismiss", data={..., "confirm": true})`.
  </Accordion>

  <Accordion title="Reassess a vendor after an event" icon="rotate">
    > Kick off a reassessment of Acme Corp because of that breach event.

    The assistant lists reassessments via `query_radar(kind="reassessments")` to check for an existing one, then proposes a new reassessment (radar event, vendors, optional plan) and calls `mutate(entity="reassessment", action="create", data={..., "confirm": true})`. This never opens a case.
  </Accordion>
</AccordionGroup>
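
One way an MCP host could enforce the propose-then-confirm pattern above, so that a `confirm` flag set by the model is not sufficient on its own and an approval covers only the exact arguments the human saw. This is an added example, not Coverbase's code: the `ConfirmationGate` class and the `vendor`/`text` argument names are hypothetical, and only the tool names come from this page.

```python
import hashlib
import json

# Write tools named on this page; any other tool is treated as read-only.
WRITE_TOOLS = {"add_note", "create_finding_tool", "update_vendor_tool", "mutate"}

def _digest(tool, args):
    """Hash a call canonically, ignoring any `confirm` flag at any dict depth."""
    def strip(value):
        if isinstance(value, dict):
            return {k: strip(v) for k, v in value.items() if k != "confirm"}
        return value
    canon = json.dumps([tool, strip(args)], sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canon.encode()).hexdigest()

class ConfirmationGate:
    """Hypothetical host-side gate: one human approval authorizes one exact write."""
    def __init__(self):
        self._pending = set()   # digests proposed in chat, awaiting a decision
        self._approved = set()  # digests a human approved and not yet used

    def propose(self, tool, args):
        digest = _digest(tool, args)
        self._pending.add(digest)
        return digest  # shown to the UI as the proposal id

    def approve(self, proposal_id):
        """Called by the chat UI only when the human confirms; KeyError if never proposed."""
        self._pending.remove(proposal_id)
        self._approved.add(proposal_id)

    def authorize(self, tool, args):
        if tool not in WRITE_TOOLS:
            return True
        digest = _digest(tool, args)
        allowed = digest in self._approved
        self._approved.discard(digest)  # single use: a replay needs a new approval
        return allowed

def demo():
    # Constructed arguments: the page names the tools, not their full schemas.
    note = {"vendor": "Acme Corp", "text": "following up with their security team next week"}
    gate = ConfirmationGate()
    unapproved = gate.authorize("add_note", {**note, "confirm": True})
    gate.approve(gate.propose("add_note", note))
    altered = gate.authorize("add_note", {**note, "text": "other", "confirm": True})
    approved = gate.authorize("add_note", {**note, "confirm": True})
    replayed = gate.authorize("add_note", {**note, "confirm": True})
    return unapproved, altered, approved, replayed
```

Because `confirm` is stripped before hashing, the same approval matches whether the flag sits at the top level (`add_note`) or inside `data` (`mutate`).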
