Tools & actions
What the copilot can do, not just what it can say. Read-only lookups, mutating actions, and how confirmation works.
Last updated May 10, 2026
The assistant ships with a tool / function-calling layer so it can do things, not just describe them. Tools split into two modes:
- Read-only tools (lookup_finding, find_subprocessor, get_document, list_drift, get_recent_scan) auto-execute during a turn — there is no destructive side-effect, so we save you a click.
- Mutating tools (resolve_drift, request_review, export_audit_log) are proposed by the model and surfaced as a confirmation card. The action only runs when you click Run — and only if your role permits it.
Every tool execution writes an audit-log entry of the form
assistant.tool.<name> with the exact arguments and the result, so
the chain covers anything the assistant did on your behalf.
The tool catalogue
Read-only
| Tool | What it does | Typical question |
|---|---|---|
| lookup_finding | Search scan findings by canonical key or label. | "Show me where OpenAI was detected." |
| find_subprocessor | Search the active subprocessor inventory. | "Do we use Sentry?" |
| get_document | Pull the latest version of a specific document, optionally focused on one heading. | "Quote the retention section of my Privacy Policy." |
| list_drift | List the most recent open drift alerts. | "What drift is currently pending?" |
| get_recent_scan | Summarise the most recent scan with finding counts and duration. | "When did we last scan, and was it healthy?" |
Mutating (require confirmation + role)
| Tool | What it does | Roles allowed |
|---|---|---|
| resolve_drift | Approve a drift alert (republishes the latest draft of the affected document) or dismiss it. | owner / admin / approver |
| request_review | Move a draft into pending_approval and reset the 48h reminder + 7d escalation timers. | owner / admin / approver / member |
| export_audit_log | Generate a signed CSV / JSON / PDF audit-log export and link to the download. | owner / admin |
If the assistant proposes a tool you don't have a role for, the confirmation card surfaces a permission-denied error rather than silently failing.
Confirmation cards
When a mutating tool is proposed, the assistant pane renders a card showing:
- The tool name (human label, e.g. "Resolve drift alert").
- A one-sentence summary of what will happen.
- The exact JSON arguments the model produced.
- Run and Cancel buttons.
This is deliberate. The assistant cannot covertly mutate your tenant — every state change goes through a click that is recorded against your user, with the same permission gate the dashboard uses.
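The propose/confirm split described above, sketched as an added example (this is not the product's own code). The `Gate` class, the handler callables, `call_id` and the `alert_id`/`action` argument names are assumptions; the tool names, role table and `assistant.tool.<name>` audit action come from this page.

```python
import json
from dataclasses import dataclass, field

# Tool names and role table copied from the catalogue on this page.
READ_ONLY = {"lookup_finding", "find_subprocessor", "get_document",
             "list_drift", "get_recent_scan"}
MUTATING_ROLES = {
    "resolve_drift": {"owner", "admin", "approver"},
    "request_review": {"owner", "admin", "approver", "member"},
    "export_audit_log": {"owner", "admin"},
}

@dataclass
class Gate:
    handlers: dict                               # tool name -> callable (hypothetical)
    audit: list = field(default_factory=list)    # stands in for the audit log
    pending: dict = field(default_factory=dict)  # call_id -> (tool, frozen args)

    def propose(self, call_id, tool, args, user):
        """Handle a model-produced tool call. Only read-only tools run here."""
        if tool in READ_ONLY:
            return self._execute(tool, args, user)
        if tool not in MUTATING_ROLES:
            return {"status": "error", "reason": "unknown_tool"}
        # Freeze the exact arguments shown on the card so Run executes only those.
        self.pending[call_id] = (tool, json.dumps(args, sort_keys=True))
        return {"status": "needs_confirmation", "tool": tool, "args": args}

    def confirm(self, call_id, user, role):
        """Called from the Run click; the role is checked server-side."""
        if call_id not in self.pending:
            return {"status": "error", "reason": "no_pending_call"}
        tool, frozen = self.pending.pop(call_id)  # one click, one execution
        if role not in MUTATING_ROLES[tool]:
            return {"status": "error", "reason": "permission_denied"}
        return self._execute(tool, json.loads(frozen), user)

    def _execute(self, tool, args, user):
        result = self.handlers[tool](**args)
        self.audit.append({"action": f"assistant.tool.{tool}", "user": user,
                           "args": args, "result": result})
        return {"status": "ok", "result": result}

if __name__ == "__main__":
    stub = lambda alert_id, action: f"{action}:{alert_id}"  # constructed handler
    gate = Gate(handlers={"resolve_drift": stub})
    args = {"alert_id": "d1234abc", "action": "dismiss"}    # constructed arguments
    print(gate.propose("c1", "resolve_drift", args, "u1"))  # needs_confirmation
    print(gate.confirm("c1", user="u1", role="member"))     # permission_denied
```

The property to test in any such gate is that the mutating handler is never reachable from `propose`, and that a confirmation token cannot be replayed or re-bound to different arguments.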
Tool results in the conversation
Read-only tool results render as compact cards beneath the assistant message that triggered them; mutating tool results render the same way after you confirm. Each card includes:
- A status icon (green check / amber warning / red error).
- The model-summary string the LLM saw.
- An Open link, where applicable, to the relevant dashboard page.
The model sees the tool result on the next turn, so a follow-up question like "OK, resolve drift d1234abc and then open the AI Trust Center" can chain a mutating call and a read-only call in one back-and-forth.
Programmatic access
If you need to invoke a mutating tool outside the chat pane (e.g. from a runbook or a webhook handler), use the REST API instead. Every assistant tool corresponds to an existing dashboard server action or API endpoint:
- resolve_drift → POST /api/v1/drift/{id}/resolve (REST API page)
- request_review → not exposed yet; use the dashboard
- export_audit_log → GET /api/audit/export?format=…