Managing AI issues
When AQtive Guard analyzes data, it evaluates detected AI assets and their properties against the currently active rules. If an asset fails to meet the defined rule parameters, an issue is generated.
Issues alert you to critical deviations in model health and risk posture, enabling you to take prompt action to address security and integrity concerns.
To view AI issues, from the AQG main menu AI section, select Issues.
AI issues table
- Rule (AI-SPM) - The out-of-policy check or rule that was flagged during analysis.
- AI-SPM Objects analyzed - Specifies the type of AI asset that triggered the issue (AI models / Agents / MCP servers).
- Severity - The severity of the issue, as determined by parameters set in the associated rule.
- Occurrences - Indicates the number of discovered AI assets impacted by this specific issue.
- Details - Opens a panel showing the full scope of the issue, including a Security Knowledge Graph of impacted assets.
Issue details
In the AI issues table, select Details for any rule to explore the issues flagged by that rule. This panel provides a deep dive into the rule violation, the scope of impact, and contextual data for remediation.
Issue scope and metrics
The top section of the panel displays key summary data for the violation:
- Severity - The specific severity level assigned to the overall finding (Low / Medium / High).
- Occurrences - The total number of unique assets impacted by this specific rule violation.
- Objects analyzed - The type of asset that triggered the rule (Models / Agents / MCP servers).
Security Knowledge Graph
This visual component displays the relationships between the impacted assets, showing model lineage and potential dependencies to help you understand the full impact of the issue.
Refer to Security Knowledge Graph for details.
Impacted assets table
This table details the occurrences of the flagged rule.
- Name - The unique name or identifier of the model.
- Model health score - The metric indicating the model’s overall AI security posture.
- Severity - The severity level assigned to this asset based on this issue.
Enhanced vulnerability insights
While all issues are presented consistently within the AI issues table, those involving MCP servers and model-serialization offer deeper technical context.
Because these findings are derived from specialized analysis pipelines, they include granular data, such as specific code snippets and file paths, to help you pinpoint and resolve underlying vulnerabilities more effectively.
These enhanced insights apply to:
- MCP server issues: Vulnerabilities detected in MCP server repositories and configurations.
- Model-serialization issues: Issues in how models or artifacts are serialized and stored.
Investigating occurrence details and evidence
You can track and investigate these detailed security findings by navigating from high-level issue summaries down to specific asset occurrences within the AI-SPM interface.
MCP server issue details
To investigate vulnerabilities detected in MCP server repositories and configurations:
- From the AQG main menu AI section, select Issues.
- In the AI issues table, locate a row where the AI-SPM objects analyzed column shows MCP servers and select Details.
- In the Impacted assets table, identify the specific server or environment and select the caret (v) icon to expand the row.
- Review the nested Issue occurrences to see the following:
  - Occurrence location - The specific file path and line number (for example, README.md#L10) where the vulnerable object (MCP server) is being used.
  - Details - A concise explanation of the specific behavior or configuration triggering the finding.
  - Evidence - The primary files, scripts, or artifacts that contain the vulnerable pattern.
- Select Details at the end of an occurrence row to open the full Occurrence details panel.
MCP server occurrence details
When you drill down into a specific MCP server occurrence, the details panel provides the following information:
- Rule description - A high-level summary of the security violation.
- Category - Maps the issue to a security taxonomy (e.g., Configuration & Environment Vulnerabilities).
- CVSS score - A formally computed security score used to determine the overall severity level.
- Likelihood - The probability that the vulnerability will be successfully exploited (High, Medium, or Low).
- AQG Agent confidence - The agent’s self-assessed certainty that the detection is correct (for example, High).
- Result description - A plain-language explanation of the behavior detected and the security risk it poses.
- Remediations - Actionable technical steps or code changes required to fix the issue.
- Impact - Detailed explanation of the potential consequences if the vulnerability is exploited.
- Evidence - The files that are involved. Select Show to reveal the specific code snippets or configuration lines that triggered the alert.
- Affected components - A list of the specific files and paths that must be addressed.
Model serialization issue details
To investigate issues in how models or artifacts are serialized and stored:
- From the AQG main menu AI section, select Issues.
- In the AI issues table, locate a row where the Rule (AI-SPM) column shows Model serialization issues found and select Details.
- In the Impacted assets table, identify the specific model or artifact and select the caret (v) icon to expand the row.
- Review the nested Issue occurrences to see the following:
  - Occurrence location - The specific file path and line number (for example, README.md#L10) where the model with the vulnerability is used.
  - Details - A concise explanation of the specific behavior or configuration triggering the finding.
  - Evidence - The primary files, scripts, or artifacts that contain the vulnerable pattern.
- Select Details at the end of an occurrence row to open the full Occurrence details.
Model serialization occurrence details
When you drill down into a specific model serialization occurrence, the details panel provides the following information:
- Rule description - A summary of the serialization policy violation.
- Asset evaluated - The specific model or artifact being analyzed.
- Severity - The critical level assigned to the serialization risk.
- Category - The classification of the serialization vulnerability.
- Result description - A detailed explanation of why the serialization method or artifact was flagged.
- Evidence - The files or artifacts where the vulnerable serialization pattern was found.