V12 Docs

Reading findings

Understand the findings list, proof-of-concept output, remediation guidance, and review controls.

When a run completes, open it in Runs and switch to the Findings tab.

The findings experience is designed to help you answer four questions quickly:

  1. What is the issue?
  2. Where is it?
  3. Can it be reproduced?
  4. How should we fix or triage it?

Findings list

The list groups findings by severity and cluster where applicable.

Each row includes the core information you need for first-pass triage:

  • the severity tag,
  • the finding number such as F-001,
  • the finding title, and
  • the current validity state.

Use the filters above the list to narrow by:

  • severity,
  • validity,
  • target, and
  • free-text search.

Finding details panel

Selecting a finding opens the detail panel.

The panel always starts on the Finding tab and may also include:

  • Proof of concept when exploit content is available, and
  • Remediation when V12 generated fix guidance or a validated patch.

Finding tab

The Finding tab is the main explanation view. Depending on the result, it can include:

  • a plain-language description,
  • affected files, contracts, functions, or other targets,
  • detailed technical analysis,
  • grouped or deduplicated context, and
  • automated triage notes.

Proof of concept tab

When present, this tab shows the exploit artifact or reproduction details V12 generated for the finding.

Treat it as evidence that the issue was pushed beyond static suspicion into something concrete enough to execute or demonstrate.

Remediation tab

When present, this tab shows remediation guidance and may include:

  • an explanation of the proposed fix,
  • a patch, and
  • validation output.

A validated remediation means V12 was able to re-check the exploit path against the proposed fix and confirm the original exploit no longer succeeds.

Review controls

You can review a finding directly from the list or the details panel.

Severity

Use the severity tag dropdown in the list to change the severity for your team.

Validity

Use the validity controls to mark a finding as:

  • Valid
  • Invalid
  • Acknowledged
  • Unreviewed

In the details panel, clicking an already-active validity button resets the finding back to Unreviewed.

Team notes

Each finding also has a Team notes section. Use Add a note to leave review context, handoff details, or follow-up items for your teammates.

Notes are shared with your team on that finding, so they are a good place to capture why a finding was marked valid, invalid, or acknowledged.

V12 supports fast review once you are inside the panel:

  • f toggles the fullscreen details view.
  • and move between tabs when multiple tabs exist.
  • Ctrl/Cmd + or moves to the previous or next finding.

Each finding also has a stable URL so you can share a direct link with teammates.

Next: Triage severity and validity.

Connect a repo and run your first audit

Sign in, connect GitHub, choose a source, and launch either a full audit or a diff review.

Managing severity and validity

Triage findings consistently so the highest-risk issues get attention and false positives stay out of the way.

On this page

Findings listFinding details panelFinding tabProof of concept tabRemediation tabReview controlsSeverityValidityTeam notesNavigation and sharing