NetSecAI: the assistant that turns a wall of audit JSON into patches your team can actually ship
A scanner hands you 30 findings and zero idea of what to fix first. That used to drive me up the wall, so I built NetSecAI to sit on top of the dump. Paste the JSON from any cyber audit (Cyber Audit Suite, SecuChecker, whatever scanner you cooked up yourself), or just feed it a URL to scan. Then it walks each finding one at a time. What’s actually broken. How bad. And the exact config line you’d paste to close it. One tab later you’ve got a Markdown ticket ready for Jira or Linear. The whole thing runs offline, against a knowledge base baked right into the page. Want something more long-winded for a report? Drop in your own OpenAI, Anthropic or Gemini key and it’ll lean on the model instead.
Your key lives in this browser’s localStorage and goes straight to the provider. I never proxy it, never log it, never see it.
What NetSecAI actually does
Almost every scanner spits out the same thing. A JSON pile of findings, and a shrug. NetSecAI is the layer I bolt on top. It reads that pile, sorts it by severity and category, explains each item in words a manager will actually understand, then hands you the precise config line or PHP filter you’d type to close it. The chat layout isn’t decoration, by the way. When you’re staring down 12 findings across 3 categories, a conversation forces you to deal with one thing at a time. Honestly that beats your eyes sliding past a flat wall of red.
It eats the JSON from our Cyber Audit Suite (that’s the pairing I’d reach for), SecuChecker, Mozilla Observatory’s API output, Qualys SSL Labs, or any scanner you’ve written yourself, as long as it emits a results[] array carrying category + finding.kind + finding.title. The offline engine already knows the usual WordPress and HTTP suspects. So you don’t have to teach it a thing.
Offline rule-based mode versus AI mode
Out of the box it runs offline. The knowledge base maps every finding category to a written-out explanation plus a fix snippet, and that’s the whole trick. Same input, same output, every single time. No key, no internet past the first page load. You always get the full shape back: severity, the plain-English why, the snippet you can paste. Boring, in the best possible way.
AI mode is where it gets chatty. Plug in your own Anthropic, OpenAI or Google key and NetSecAI ships the findings JSON to the model with a prompt that asks it to triage and explain. Then it drops the answer straight into the chat as the assistant. Your key never leaves the browser’s localStorage and never touches my backend. I reach for this mode in two spots. When some weird custom scanner throws categories the rules have never seen. Or when I need a longer write-up to hand a stakeholder who, let’s be real, won’t read a config file.
Pairing with the Cyber Audit Suite
Here’s how I actually use the two together. Run a scan over on /cyber-audit-suite/, hit the Raw JSON tab, copy the dump, paste it in here. Call it five seconds. The Suite tells you what’s broken. NetSecAI tells you what to do about it, in what order, with the exact command to run. One page finds the problems, the next page fixes them, and you never lose the thread.
Exporting findings as tickets
The Markdown export tab spits out a ticket you can hand off as-is, grouped by severity. Each finding lands as a bullet: the title, the plain explanation, the fix snippet, plus a link back to the scan it came from. Paste it into Jira, Linear, GitHub Issues, Notion, wherever your team triages. It’s plain GitHub Flavored Markdown, so the code fences survive the trip and render properly in every tracker I’ve thrown it at so far.
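Here is what that export step looks like in code, as an added example in JavaScript that is not NetSecAI’s own code. It takes findings that have already been triaged (the severity order, the field names and the SAMPLE_FINDINGS below are assumptions made for this example) and renders them as a GitHub Flavored Markdown ticket grouped by severity, with a fix snippet in a code fence and a link back to the scan. The one edge case it handles is a snippet that itself contains backticks, which would close a plain three-backtick fence early.

```javascript
// Added example, not NetSecAI's own code: render already-triaged findings as a
// GitHub Flavored Markdown ticket grouped by severity. SEVERITY_ORDER, the field
// names and SAMPLE_FINDINGS are assumptions made for this example.

const SEVERITY_ORDER = ["critical", "high", "medium", "low", "info"];

// A code fence must be longer than any run of backticks inside the snippet,
// otherwise the snippet closes the fence early and the ticket renders wrong.
function fence(snippet) {
  const runs = (snippet.match(/`+/g) || []).map((m) => m.length);
  return "`".repeat(Math.max(3, ...runs.map((n) => n + 1)));
}

// Each finding: { severity, category, title, why, fix }. fix may be null.
function toMarkdown(findings, scanUrl) {
  const out = [`# Audit findings for ${scanUrl}`, ""];
  for (const severity of SEVERITY_ORDER) {
    const group = findings.filter((f) => f.severity === severity);
    if (group.length === 0) continue;
    out.push(`## ${severity.toUpperCase()} (${group.length})`, "");
    for (const f of group) {
      out.push(`- **${f.title}** (${f.category})`, `  ${f.why}`);
      if (f.fix) {
        const tick = fence(f.fix);
        // Two-space indent keeps the fence inside the list item in GFM.
        out.push(`  ${tick}`, ...f.fix.split("\n").map((line) => `  ${line}`), `  ${tick}`);
      }
      out.push(`  Source: [scan](${scanUrl})`, "");
    }
  }
  return out.join("\n");
}

// Constructed sample: what a triage step might hand the exporter.
const SAMPLE_FINDINGS = [
  { severity: "medium", category: "headers", title: "X-Frame-Options missing",
    why: "Without it the page can be framed by another origin.",
    fix: 'add_header X-Frame-Options "DENY" always;' },
  { severity: "high", category: "transport", title: "HTTP not redirected to HTTPS",
    why: "Plain HTTP lets anyone on the path read or alter traffic.",
    fix: "return 301 https://$host$request_uri;" },
  { severity: "info", category: "cookies", title: "Session cookie lacks Secure",
    why: "Category unknown: no tailored fix available.", fix: null },
  { severity: "medium", category: "wordpress", title: "Version string exposed",
    why: "An advertised version makes matching known-vulnerable releases trivial.",
    fix: "remove_action('wp_head', 'wp_generator');" },
];

console.log(toMarkdown(SAMPLE_FINDINGS, "https://example.test"));
```

Findings with no fix (the unknown-category case) still get a bullet with the explanation and the link, just no fence.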
Privacy and data handling
Once the page has loaded, rule-based mode never phones home. Not a single network call while it chews through your findings. AI mode does reach out, sure, but only to the provider you picked, with the key you typed, and that’s the whole story. I never log it, never keep it. One habit I’d keep regardless: if your JSON is stuffed with internal hostnames or URLs you’d rather not share, strip them out first. The rules genuinely don’t care. They work just as well on anonymised input.
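The stripping step above is easy to do before the paste, and it is worth doing consistently so the same internal host gets the same placeholder in every finding. The following is an added JavaScript example, not NetSecAI’s own code: it walks the audit JSON, replaces private IP addresses and any hostname under a suffix list you supply with stable placeholders under the reserved .invalid domain, and keeps the mapping locally so you can read the results back. The suffix list, the placeholder scheme and the sample audit are all constructed for this example.

```javascript
// Added example, not NetSecAI's own code: scrub internal hostnames and private
// IP addresses out of audit JSON before pasting it into a shared tool. The
// suffix list, the placeholder scheme and SAMPLE_AUDIT are constructed here.

// RFC 1918 and loopback ranges, matched as whole tokens.
const PRIVATE_IP =
  /\b(?:10|127)\.\d{1,3}\.\d{1,3}\.\d{1,3}\b|\b192\.168\.\d{1,3}\.\d{1,3}\b|\b172\.(?:1[6-9]|2\d|3[01])\.\d{1,3}\.\d{1,3}\b/g;
// Dotted hostnames; the suffix check below decides whether one is internal.
const HOSTNAME = /\b[a-z0-9](?:[a-z0-9-]*[a-z0-9])?(?:\.[a-z0-9](?:[a-z0-9-]*[a-z0-9])?)+\b/gi;

// Returns a scrubber that replaces every internal host or IP with a stable
// placeholder, so repeated references to the same host stay consistent and the
// rule engine still sees one coherent set of findings.
function makeScrubber(internalSuffixes) {
  const suffixes = internalSuffixes.map((s) => s.toLowerCase());
  const aliases = new Map(); // original -> placeholder, kept locally
  const alias = (name) => {
    if (!aliases.has(name)) aliases.set(name, `host-${aliases.size + 1}.invalid`);
    return aliases.get(name);
  };
  const isInternal = (host) => {
    const h = host.toLowerCase();
    return suffixes.some((s) => h === s || h.endsWith("." + s));
  };
  const scrubString = (s) =>
    s.replace(PRIVATE_IP, (ip) => alias(ip))
     .replace(HOSTNAME, (h) => (isInternal(h) ? alias(h) : h));
  // Walk the parsed JSON: only string values are rewritten, keys are untouched.
  const scrub = (v) => {
    if (typeof v === "string") return scrubString(v);
    if (Array.isArray(v)) return v.map(scrub);
    if (v && typeof v === "object") {
      return Object.fromEntries(Object.entries(v).map(([k, x]) => [k, scrub(x)]));
    }
    return v;
  };
  return { scrub, aliases };
}

// Parse, scrub and return both the clean audit and the local mapping.
function anonymiseAudit(text, internalSuffixes) {
  const { scrub, aliases } = makeScrubber(internalSuffixes);
  return { audit: scrub(JSON.parse(text)), aliases };
}

// Constructed sample audit with made-up internal names and addresses.
const SAMPLE_AUDIT = JSON.stringify({
  url: "https://wiki.corp.example",
  results: [
    { category: "transport", finding: { kind: "bad", title: "Plain HTTP redirect",
      body: "Redirects to http://10.0.4.12:8080/login and sets a cookie for intranet.corp.example" } },
    { category: "headers", finding: { kind: "good", title: "CSP present",
      body: "Scripts allowed from cdn.example.test and wiki.corp.example" } },
  ],
});

const { audit, aliases } = anonymiseAudit(SAMPLE_AUDIT, ["corp.example"]);
console.log(JSON.stringify(audit, null, 2));
console.log("mapping kept locally:", Object.fromEntries(aliases));
```

Public hostnames that do not match the suffix list (cdn.example.test in the sample) are left alone, so the scrubbed JSON is still a faithful set of findings for the rules to work on.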
Frequently asked questions
Where does my API key go?
Into your own browser, in localStorage under netsecai.apiKey. It never hits a PeopleAreGeek server, never gets logged, never gets proxied. The fetch goes straight from your machine to the provider’s API and back. Done with it? Open the Settings panel and wipe the field, or clear your site data for peoplearegeek.com. Gone.
What format should the input JSON follow?
The bare minimum is {"url": "...", "results": [{"category": "transport", "finding": {"kind": "bad", "title": "...", "body": "..."}}, ...]}. And that’s exactly what the Cyber Audit Suite already hands you, so most of the time you never think about it. SecuChecker and Mozilla Observatory come in a different shape, but I convert those for you on the way in. Rolled your own scanner? If it emits roughly the same nested objects, it’ll just work.
Does AI mode work with any model?
Anything that speaks the OpenAI chat format or the Anthropic messages format. I’ve personally tested GPT-5 turbo and GPT-5 mini on the OpenAI side, Claude Sonnet 4.6 and Claude Opus 4.7 on Anthropic, plus Gemini 3.0 Pro through Google’s GenAI API. The OpenAI-compatible crowd (Mistral, Groq, Together) works too, with their own key formats. Just point the base URL through the model name field and you’re off.
What if the rule-based engine does not recognise a finding category?
It won’t choke. It drops to a generic “category unknown” template and still shows you the title and body in the chat. You just don’t get a tailored fix snippet. When that happens and I actually want an answer, I flip to AI mode. The model is way more forgiving about odd input, and it’ll usually give you something useful even for a finding it’s never laid eyes on.
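To make the rule-based side concrete, the rule engine, the results[] input shape from the format question above, and this unknown-category fallback are shown together in the following added JavaScript example, which is not NetSecAI’s own code. The categories, severities, explanations and fix snippets in RULES, the decision to treat only kind "bad" as actionable, and the SAMPLE_AUDIT are assumptions chosen for illustration.

```javascript
// Added example, not NetSecAI's own code: a small rule-based triage engine in
// the shape the page describes. The categories, severities, explanations and
// fix snippets in RULES are assumptions chosen for illustration; the input
// shape is the page's results[] format.

const SEVERITY_RANK = { critical: 0, high: 1, medium: 2, low: 3, info: 4 };

// Knowledge base: category -> severity, plain-English "why", paste-ready fix.
const RULES = {
  transport: {
    severity: "high",
    why: "Without TLS, or with a weak configuration, anyone on the path can read or alter traffic.",
    fix: "# nginx: send all plain HTTP to HTTPS\nreturn 301 https://$host$request_uri;",
  },
  headers: {
    severity: "medium",
    why: "Missing security headers leave the browser without framing and MIME-sniffing protection.",
    fix: 'add_header X-Frame-Options "DENY" always;\nadd_header X-Content-Type-Options "nosniff" always;',
  },
  wordpress: {
    severity: "medium",
    why: "An advertised version string lets anyone match the site against known-vulnerable releases.",
    fix: "// functions.php: stop printing the WordPress version\nremove_action('wp_head', 'wp_generator');",
  },
};

// Fallback for a category the knowledge base has never seen: the scanner's own
// title and body are still shown, but there is no tailored fix.
const UNKNOWN_RULE = { severity: "info", why: "Category unknown: no tailored fix available.", fix: null };

// Validate the pasted JSON against the documented shape so a bad paste fails
// loudly instead of silently producing an empty triage list.
function parseAudit(text) {
  const audit = JSON.parse(text);
  if (!audit || !Array.isArray(audit.results)) throw new Error("audit JSON must carry a results[] array");
  audit.results.forEach((r, i) => {
    const ok = typeof r.category === "string" && r.finding &&
      typeof r.finding.kind === "string" && typeof r.finding.title === "string";
    if (!ok) throw new Error(`results[${i}] needs category, finding.kind and finding.title`);
  });
  return audit;
}

// Map each finding through the rules, then sort by severity, category, title.
// Assumption: only kind === "bad" is actionable; any other kind is shown as info.
function triage(audit) {
  return audit.results
    .map(({ category, finding }) => {
      const rule = RULES[category] || UNKNOWN_RULE;
      const actionable = finding.kind === "bad";
      return {
        category,
        title: finding.title,
        body: finding.body || "",
        severity: actionable ? rule.severity : "info",
        why: actionable ? rule.why : "Check passed: nothing to fix.",
        fix: actionable ? rule.fix : null,
        known: rule !== UNKNOWN_RULE,
      };
    })
    .sort((a, b) =>
      SEVERITY_RANK[a.severity] - SEVERITY_RANK[b.severity] ||
      a.category.localeCompare(b.category) ||
      a.title.localeCompare(b.title));
}

// One chat-style entry per finding: the fix when there is one, otherwise the
// scanner's own body text so an unknown category still shows something useful.
function describe(f) {
  const lines = [`[${f.severity.toUpperCase()}] ${f.category}: ${f.title}`, `  ${f.why}`];
  if (f.fix) lines.push("  fix:", ...f.fix.split("\n").map((l) => `    ${l}`));
  else if (f.body) lines.push(`  ${f.body}`);
  return lines.join("\n");
}

// Constructed sample in the page's input shape; host and titles are made up.
const SAMPLE_AUDIT = JSON.stringify({
  url: "https://example.test",
  results: [
    { category: "headers", finding: { kind: "bad", title: "X-Frame-Options missing", body: "" } },
    { category: "transport", finding: { kind: "bad", title: "HTTP not redirected to HTTPS", body: "" } },
    { category: "cookies", finding: { kind: "bad", title: "Session cookie lacks Secure", body: "Set-Cookie seen without the Secure attribute" } },
    { category: "wordpress", finding: { kind: "good", title: "Version string hidden", body: "" } },
  ],
});

for (const f of triage(parseAudit(SAMPLE_AUDIT))) console.log(describe(f));
```

Same input, same output every time: the sort is total (severity, then category, then title), and an unrecognised category like the constructed "cookies" lands at the bottom as info with its body text rather than being dropped.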
Can I run this against a private internal URL?
Not directly. “Scan URL live” sends the URL to my backend scanner endpoints (the same ones behind Cyber Audit Suite), and those can’t see inside your network. So for anything internal, do it the other way around. Run the Cyber Audit Suite from inside the network yourself, copy the JSON, paste it here in “Paste audit JSON” mode. From that point on everything happens in your browser, and nothing leaves it.
Is the AI output reproducible?
Nope. Run it twice and you’ll get two slightly different write-ups, because the sampling is random by design. So if you’re producing reports for an auditor and the wording has to match every single time, stick with rule-based mode. Save AI mode for the narrative stuff and stakeholder updates, where nobody’s going to mind that a sentence came out a little differently the second time around.