Once your environment is set up, you can interact with the ThreatExploit AI assistant using simple, natural language. You don't need to learn complex commands or API endpoints; simply tell the assistant what you want to accomplish, and it will handle the heavy lifting.
This guide covers how to verify your connection and provides examples of the types of tasks the assistant can perform for you.
Verifying your connection
Before diving into complex tasks, it's a good idea to ensure the assistant is properly connected to your ThreatExploit environment. The assistant has built-in tools (get_status and get_version) that it can use to check your setup.
Try asking the assistant one of these questions:
"Are you connected to ThreatExploit?"
"What is the current connection status?"
"What version of the pt-agent are you running?"
When you ask for the status, the assistant queries the server and will tell you if it's connected, the current agent version, and how many instances are currently running in your environment.
sequenceDiagram
participant U as You
participant A as AI Assistant
participant T as ThreatExploit API
U->>A: "What is my connection status?"
A->>T: Fetch status and running instances
T-->>A: Return JSON (Connected, Version, Instances)
A-->>U: "You are connected! You have 2 running instances."Automatic Re-discovery
If your connection to the Studio drops or fails, you don't need to restart everything. The assistant caches your target and will automatically attempt to re-discover it on your next request.
Example queries
The AI assistant is designed to help you manage infrastructure, run security tests, and analyze reports. Here are some examples of what you can ask, grouped by category:
Pentesting & Scanning
You can initiate and schedule security tests directly through chat.
"Run a port scan on example.com"
"Schedule a full pentest on 10.0.0.1 with AGGRESSIVE style"
"Create a playbook for web app testing that focuses on the OWASP Top 10"
Reporting & Information
Ask the assistant to summarize past activities or pull specific data.
"What pentests have been run recently?"
"Show me the report for the last completed pentest"
"What vulnerabilities were found in the last pentest?"
"What's my current billing usage?"
Infrastructure Management
Manage your servers and keep track of important operational details.
"Start my EU server"
"Save a memory note about known credentials for the target"
Troubleshooting your connection
If the assistant reports that it cannot connect and automatic re-discovery fails, you may need to verify your environment configuration.
View required environment variables
Ensure the following environment variables are correctly set in your environment. The assistant relies on these to authenticate and route requests.
| Variable | Required | Default | Description |
|---|---|---|---|
BEARER_TOKEN | Yes | — | ThreatWinds bearer token for authentication. |
STUDIO_API_URL | No | https://studio.dev.threatexploit.ai | Studio API base URL. |
THREATWINDS_API_URL | No | https://apis.dev.threatwinds.com/api | ThreatWinds API base URL. |
PT_AGENT_PORT | No | 9741 | pt-agent HTTP port used during auto-discovery. |
Never share your BEARER_TOKEN or commit it to source control. If you suspect your token has been compromised, revoke it immediately in your ThreatWinds dashboard and generate a new one.
