HackerOne Code's Conversational AI Agent
Meet HackerOne's very own conversational agent: h1-hai. Developers using HackerOne's Code product can utilize this conversational agent directly within their merge/pull requests.
We developed this AI agent using Anthropic foundation models hosted in AWS Bedrock. We do not perform any additional training on top of the foundation models. h1-hai only uses context from the pull request in scope, which includes relevant conversations and git diffs. This context is used to respond to users.
How does it work?
Simply submit a comment within the pull request and tag @h1-hai. In most cases, the agent should respond within seconds.
What can it do?
h1-hai can answer questions about the pull/merge request in scope, but it can also perform a number of actions that make our users' experience with HackerOne Code more accessible. Below is a list of example prompts and tasks that are available.
Gain context
Users can get help understanding HackerOne Code and how it works without sitting through a meeting with HackerOne or internal stakeholders. h1-hai can also provide clarity on other parts of the review, including scanner details and the review status. Not an English speaker? No problem. h1-hai supports responses in all major languages and can also help with translations.
@h1-hai how does this work?
@h1-hai what's the status of this PR?
@h1-hai what scanners were run on this PR?
@h1-hai what were the scanner findings for this PR?
Beyond context about the Code product, developers can also get context about the code itself or the entirety of the pull request:
@h1-hai any issues with this code?
@h1-hai can you suggest a remediation for the issue reported?
@h1-hai what has happened so far in this pull request?
@h1-hai create a diagram which explains how this new feature works

Perform tasks
h1-hai can do more than talk. We've given Code's conversational agent various capabilities that help developers get things done as well. Say, for example, our scanning engines did not detect any risks, but the code author wants a review anyway. They can request it here. Conversely, if the code author doesn't need a review but one was requested, they're free to ask h1-hai to cancel it.
Don't want to wait for a human to check that your remediation resolves the issue? Ask h1-hai.

One of the coolest things h1-hai can tackle is memory retention. Code authors can tell the agent to remember certain facts specific to their repository or organization, and the agent will log that information as a future note, improving our ability to find valid issues. All development teams are different. Record your team's specific coding patterns, architecture, or preferences with h1-hai and we'll remember them for the future.

Here are a few prompt examples:
@h1-hai open a review for this PR
@h1-hai please cancel the review for this PR
@h1-hai please generate a PR summary for me
@h1-hai remember this for next time