Explain This Vulnerability: Frontend - Present Preflight Secret Detection warnings to the user
During the Threat Insights AI Sync we determined that the best course of action to let the user have control over what they are happy to have sent to the AI is to separate the secret-detection pre-flight check to it's own GraphQL endpoint. This will allow the frontend to check for possible secrets, but allow the user to disregard these warnings and still send the code snippet to the AI if they choose to.
Using the API provided in Explain this Vulnerability: Backend - Separate ... (#417078 - closed) • Malcolm Locke • 16.3 • On track, we need to present any pre-flight warnings detected by the Backend to the user to allow them to make an informed decision about whether they want to use the explain this vulnerability feature despite possible secrets in the prompt, or want to go remediate their code first.
Design at #412722[pre-flight_check_failure.png]