Can Agentic AI be used to augment existing tools? I think there is a lot of nice open source software out there that is too complex/difficult/heavy for most users. There is an opportunity to use AI to simplify the user experience through some automation.
This is the little experiment I did here, building an AI-SAST by wrapping CodeQL with an agentic layer. It makes it so easy to use CodeQL that I’m now revisiting past projects and discovering quite a few surprises!
The agent is used to:
- write custom CodeQL queries based on the code and a prompt
- triage SARIF output and group issues, extract the most important ones
- investigate issues for risk, false positives, etc.
- prepare pull requests with fixes
GitHub: https://github.com/eschnou/patchsmith
Blog post with more details: https://blog.transcode.be/patchsmith-ai-codeql-cli/
What other interesting open source tools could benefit from an AI-driven UI/UX wrapper layer?