AHA (Application Health Assistant) is an AI-powered tool integrated with CAST Imaging and CAST Highlight that automates the detection and remediation of Green Vulnerabilities using Gen AI. It streamlines application health management by providing intelligent, context-aware fixes and actionable insights to enhance software quality.
- Utilize the tool for all onboarded applications to effectively address GREEN deficiencies
- Capture application health and GREEN indicator scores from CAST Highlight (before/after running the tool)
- Identify the accuracy of the tool to ensure reliable results
- Evaluate efficiency gains for developers when fixing issues with the tool
- GitHub account required
- Must have at least one of these access levels on the GitHub code repository (any one is required to create pull requests):
  - Write
  - Maintain
  - Admin
- Application must have a repository on GitHub
- Application must be onboarded on CAST HL and Imaging
- AHA admin can then onboard the application in AHA
Accessible via Angular default port (4200): http://localhost:4200
Provides tool overview with 'Login with GitHub' button for authentication.
GitHub used for authentication. Three scenarios:
- Not logged into GitHub: Prompts for username and device verification
- Logged into GitHub: Direct authentication
- Token expired: Requires re-authorization
Users need:
- GitHub account
- Write/Maintain/Admin role on at least one onboarded GitHub project repository
Admin menu appears only for admin/super admin roles.
After authentication, shows:
- Application dropdown (only accessible repositories)
- Repository name, CAST HL branch, last scan dates
- Green Impact issue numbers in orange box
Clicking orange box shows:
- Detailed issue information
- Impacted objects (occurrences count)
- Select one/multiple objects for AI fixing
- 'Add to request' enables 'Fix' button
- Disabled objects re-enabled after CAST Imaging re-scan if not fixed
Shows requested objects count vs total for each issue.
- Select prompt
- Click 'Fix with AI' to send to AHA Engine
- Engine combines prompt with CAST Imaging dependencies
- Returns fix code via Core API OpenAI (Len AI API)
Six statuses:
1. Response Queued
2. Response Success (PR Awaited)
3. Partial Success
4. Unmodified
5. Failure
6. Completed
Notes:
- PR only creatable for statuses 2 & 3
- Retry button appears for partial success/unmodified/failure
- Check details via 'Fix Objects' link
- Error messages visible via status links
Pull Request Process:
- Creates new branch from base
- Updates fixed code in new branch
- Creates PR (manual merge required)
Whitespace Tip: If formatting issues occur, enable 'Hide whitespace' in GitHub PR settings.
Users can submit feedback.
Three screens:
- Application List: Onboard new apps (add/edit/delete)
- Prompt List: Create/modify prompts
- User Management: Manage user roles
Roles:
- Developer: Full site access (no admin tab)
- Admin: Access to admin tab (app onboarding/prompts)
- Super Admin: Admin tab + user management
- Retry feature for completed status with prompt selection
- Custom prompt creation on prompt selection screen
- Expand prompts library
- Dashboard for application health/GREEN indicator status