POST
/
api
/
v2
/
ai
/
assistant
curl --request POST \
  --url https://aquilax.ai/api/v2/ai/assistant \
  --header 'Content-Type: application/json' \
  --header 'X-AX-KEY: <api-key>' \
  --data '{
  "code": "try {\n  const user = db.getUserById(req.query.id);\n  res.send(user);\n} catch (err) {\n  res.status(500).send(\"Error\");\n}\n",
  "cwe_id": "CWE-79",
  "cwe_name": "Cross-Site Scripting",
  "line": "105",
  "file": "userController.js",
  "prompt": "How to fix this?",
  "status": "UNVERIFIED",
  "Reason": "SQL Injection in the code",
  "Remedation": "User parameters in the Query string"
}'
"<string>"

Authorizations

X-AX-KEY
string
header
required

Query Parameters

org
string
required

Organization ID

Body

application/json
code
string

A code snippet representing the vulnerable logic or affected lines.

Example:

"try {\n const user = db.getUserById(req.query.id);\n res.send(user);\n} catch (err) {\n res.status(500).send(\"Error\");\n}\n"

cwe_id
string

CWE identifier, if applicable.

Example:

"CWE-79"

cwe_name
string

Optional name or title of the CWE.

Example:

"Cross-Site Scripting"

line
string

Line number(s) where the issue appears.

Example:

"105"

file
string

Name or path of the file containing the snippet.

Example:

"userController.js"

prompt
string

A question to the Security Assistant

Example:

"How to fix this?"

status
string

TRUE POSITIVE, FALSE POSITIVE or UNVERIFIED

Example:

"UNVERIFIED"

Reason
string

Reason of how this is identified as vulnerability from the scanner

Example:

"SQL Injection in the code"

Remedation
string

User parameters in the Query string

Example:

"User parameters in the Query string"

Response

200
application/json
Successful classification result from the AI model in streaming format.

The response is of type string.