Open
Conversation
Contributor
WalkthroughThe PR restructures Analyze Attack Path Data docs: adds a new Changes
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Poem
🚥 Pre-merge checks | ✅ 2 | ❌ 1❌ Failed checks (1 inconclusive)
✅ Passed checks (2 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
Preview deployment for your docs. Learn more about Mintlify Previews.
|
Contributor
Author
|
@coderabbitai review |
Contributor
✅ Actions performedReview triggered.
|
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 5
🧹 Nitpick comments (2)
docs/docs.json (1)
1512-1514: Prefer a direct redirect to avoid chaining legacy posture routes.This mapping currently creates an extra hop (
/analyze-data/bloodhound-gui/posture-page→/analyze-data/posture-page→/analyze-data/findings/posture).🚦 Proposed refinement
{ "source": "/analyze-data/bloodhound-gui/posture-page", - "destination": "/analyze-data/posture-page" + "destination": "/analyze-data/findings/posture" },🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@docs/docs.json` around lines 1512 - 1514, Update the redirect mapping that currently maps "source": "/analyze-data/bloodhound-gui/posture-page" to "destination": "/analyze-data/posture-page" so it points directly to the final route; change the destination to "/analyze-data/findings/posture" to remove the intermediate hop and avoid chained redirects.docs/analyze-data/findings/posture.mdx (1)
34-37: Consider removing duplicate time picker reference.Lines 34 and 37 both mention that custom date ranges include a time picker. The repetition within the same section may be unnecessary.
♻️ Proposed fix to reduce duplication
Choose from preset ranges or set a custom range to compare specific analysis runs. Custom date ranges include a time picker, so you can set exact start and end times. <Tip> - For meaningful trend comparisons, use the same filter scope and similar date ranges across reviews. Custom date ranges include a time picker, so you can set exact start and end times. + For meaningful trend comparisons, use the same filter scope and similar date ranges across reviews. </Tip>🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@docs/analyze-data/findings/posture.mdx` around lines 34 - 37, Remove the duplicated sentence about the time picker by keeping it once and deleting the other occurrence; specifically, in the section that currently contains both the inline sentence "Custom date ranges include a time picker, so you can set exact start and end times." and the identical sentence inside the <Tip> block, retain the tip's phrasing (or the inline line) and remove the redundant copy so the guidance appears only once in the "Choose from preset ranges..." paragraph/Tip pair.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@docs/analyze-data/findings/attack-paths.mdx`:
- Line 12: The sentence "These risks are represented as findings, which includes
prioritization data..." has a subject-verb agreement error; change the verb
"includes" to "include" so the clause reads "which include prioritization
data..." to match the plural subject "findings" (edit the findings sentence in
attack-paths.mdx).
- Line 20: Remove the internal drafting note "**DELETE ME**: Would like to use
some kind of visual..." from the attack-paths.mdx content (the visible callout
at line containing "**DELETE ME**"); replace it with a neutral, user-facing
callout requesting a non-sensitive visual or abstract illustration (e.g.,
"Consider adding an abstract visual or diagram to illustrate attack paths
without revealing sensitive findings") so the page contains no internal
editorial markers and still prompts for safe visuals.
In `@docs/analyze-data/findings/risk-acceptance.mdx`:
- Line 10: Fix two copy issues in the text: replace "for certain amount of time"
with "a certain amount of time" in the sentence that begins "Not every finding
requires immediate remediation..." and capitalize "Enterprise" where it appears
lowercase on the later line (the occurrence currently written as "enterprise")
so it reads "Enterprise"; update both string literals accordingly.
In `@docs/docs.json`:
- Around line 1612-1614: The redirect entry with "source":
"/analyze-data/accept-findings" has an incorrect "destination" value
"/analyze-data/findings/accept"; update the destination to
"/analyze-data/findings/risk-acceptance" so it points to the existing docs page
(docs/analyze-data/findings/risk-acceptance.mdx), keeping the same "source" key
and JSON structure.
In `@docs/resources/glossary/overview.mdx`:
- Around line 102-105: Remove the duplicated sentence in the "Hygiene"
definition: delete the repeated sentence "Examples include dangerous edges
originating from broadly populated default groups. Hygiene findings are
displayed separately in a dedicated filter view on the **Attack Path** and
**Posture** pages." so the Hygiene entry contains that explanation only once,
keeping the single correct instance under the "Hygiene" heading.
---
Nitpick comments:
In `@docs/analyze-data/findings/posture.mdx`:
- Around line 34-37: Remove the duplicated sentence about the time picker by
keeping it once and deleting the other occurrence; specifically, in the section
that currently contains both the inline sentence "Custom date ranges include a
time picker, so you can set exact start and end times." and the identical
sentence inside the <Tip> block, retain the tip's phrasing (or the inline line)
and remove the redundant copy so the guidance appears only once in the "Choose
from preset ranges..." paragraph/Tip pair.
In `@docs/docs.json`:
- Around line 1512-1514: Update the redirect mapping that currently maps
"source": "/analyze-data/bloodhound-gui/posture-page" to "destination":
"/analyze-data/posture-page" so it points directly to the final route; change
the destination to "/analyze-data/findings/posture" to remove the intermediate
hop and avoid chained redirects.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: f901d0b7-e025-4589-afbf-e38f51bec0a7
📒 Files selected for processing (13)
docs/analyze-data/accept-findings.mdxdocs/analyze-data/findings/attack-paths.mdxdocs/analyze-data/findings/posture.mdxdocs/analyze-data/findings/risk-acceptance.mdxdocs/analyze-data/overview.mdxdocs/analyze-data/posture-page.mdxdocs/analyze-data/privilege-zones/overview.mdxdocs/docs.jsondocs/integrations/splunk/siem/use.mdxdocs/opengraph/developer/schema.mdxdocs/resources/glossary/overview.mdxdocs/resources/release-notes/2026-01-22.mdxdocs/snippets/analysis/post-processed-edges.mdx
💤 Files with no reviewable changes (2)
- docs/analyze-data/accept-findings.mdx
- docs/analyze-data/posture-page.mdx
craigw-SO
reviewed
Apr 7, 2026
Contributor
craigw-SO
left a comment
craigw-SO
left a comment
There was a problem hiding this comment.
Review of all the misc changes and the "Attack Paths" page. Still need to review "Posture" and "Risk Acceptance", but wanted to submit this feedback ASAP.
StephenHinck
reviewed
Apr 8, 2026
StephenHinck
reviewed
Apr 8, 2026
StephenHinck
reviewed
Apr 8, 2026
StephenHinck
reviewed
Apr 8, 2026
StephenHinck
reviewed
Apr 8, 2026
StephenHinck
reviewed
Apr 8, 2026
StephenHinck
reviewed
Apr 8, 2026
StephenHinck
reviewed
Apr 8, 2026
StephenHinck
reviewed
Apr 8, 2026
StephenHinck
reviewed
Apr 8, 2026
StephenHinck
reviewed
Apr 8, 2026
Contributor
StephenHinck
left a comment
StephenHinck
left a comment
There was a problem hiding this comment.
+1ed several comments from Craig and added some of my own. Biggest thing that stood out to me was that multiple concept sets were defined multiple times across this PR and snippets would help there. I do believe Mintlify supports the concept of a "term" that we could enable folks to click on, rather than re-describing on every article.
Contributor
There was a problem hiding this comment.
Actionable comments posted: 2
♻️ Duplicate comments (1)
docs/analyze-data/findings/posture.mdx (1)
100-113:⚠️ Potential issue | 🟡 MinorAvoid Tier Zero-specific wording in zone-filtered sections.
Lines 100 and 113 read as Tier Zero-only, but this page supports other selected zones too. Make these descriptions zone-agnostic.
🧩 Proposed fix
-This section provides a summary of risk within the applied filter on the selected end date, including the change in Attack Paths, findings, and Tier Zero objects within the selected time frame. +This section provides a summary of risk within the applied filter on the selected end date, including the change in Attack Paths, findings, and objects in the selected zone within the selected time frame.- <img src="/images/posture_page/total-exposure-graph.png" alt="A view of the Total Tier Zero Attack Path Exposure graph on the Posture page" /> + <img src="/images/posture_page/total-exposure-graph.png" alt="A view of the Attack Path Exposure graph on the Posture page" />🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@docs/analyze-data/findings/posture.mdx` around lines 100 - 113, The copy in the Posture summary and the "Attack Path Exposure" description uses Tier Zero-specific wording; update the text in the "This section provides a summary..." block and the "Attack Path Exposure" paragraph so they refer generically to the selected zone (e.g., "selected zone" or "selected privilege zone") instead of "Tier Zero" or "Total Tier Zero", ensuring all mentions inside the "Posture Over Time Graphs" section and related image captions are zone-agnostic and consistent with supporting other zones.
🧹 Nitpick comments (2)
docs/analyze-data/findings/posture.mdx (1)
40-44: Remove duplicated time-picker sentence.The same sentence appears in both Line 40 and Line 43. Keeping it once will tighten readability.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@docs/analyze-data/findings/posture.mdx` around lines 40 - 44, There is a duplicated sentence "Custom date ranges include a time picker, so you can set exact start and end times." in the paragraph and the Tip block; remove the duplicate so the sentence appears only once (either in the main paragraph or inside the <Tip> block) while preserving the other content and meaning; update the surrounding text to ensure flow remains correct after removing the redundant sentence.docs/analyze-data/findings/attack-paths.mdx (1)
70-80: Complete the finding-types section or narrow its scope.The section says findings are grouped into types, but it currently documents only relationship-based and list-based. Since Hygiene is already referenced on this page, consider adding a dedicated Hygiene definition here (or explicitly state this section covers only two types).
📚 Proposed refinement
### Finding types BloodHound Enterprise groups findings into types to help you separate structural access risks from principal-level configuration risks. #### Relationship-based finding <defRelationshipBasedFinding /> #### List-based finding <defListBasedFinding /> + +#### Hygiene finding + +<defHygiene />🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@docs/analyze-data/findings/attack-paths.mdx` around lines 70 - 80, The "Finding types" section currently lists only Relationship-based and List-based findings via the components defRelationshipBasedFinding and defListBasedFinding but references Hygiene elsewhere; either add a Hygiene definition component (e.g., introduce a defHygieneFinding component and document its purpose) and include it alongside defRelationshipBasedFinding and defListBasedFinding, or explicitly state in the "### Finding types" paragraph that this section covers only those two types and point readers to the existing Hygiene documentation elsewhere on the page; update the heading paragraph accordingly and ensure references use the same component names (defRelationshipBasedFinding, defListBasedFinding, and if added defHygieneFinding) so the content is consistent.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@docs/analyze-data/findings/attack-paths.mdx`:
- Line 24: The phrase "Attack Paths types" is grammatically incorrect; update
the string in the document where "Attack Paths details" is followed by "Attack
Paths types detected" to use either "Attack Path types" or "types of Attack
Paths" (e.g., replace "Attack Paths types detected" with "Attack Path types
detected") so the pluralization is correct and consistent with the heading
"Attack Paths details".
In `@docs/analyze-data/findings/posture.mdx`:
- Line 28: The "Zone" heading is using level-2 (## Zone) but should be a level-3
heading under the existing "Filters" section; update the heading token for
"Zone" from "## Zone" to "### Zone" so it correctly nests beneath the "##
Filters" header.
---
Duplicate comments:
In `@docs/analyze-data/findings/posture.mdx`:
- Around line 100-113: The copy in the Posture summary and the "Attack Path
Exposure" description uses Tier Zero-specific wording; update the text in the
"This section provides a summary..." block and the "Attack Path Exposure"
paragraph so they refer generically to the selected zone (e.g., "selected zone"
or "selected privilege zone") instead of "Tier Zero" or "Total Tier Zero",
ensuring all mentions inside the "Posture Over Time Graphs" section and related
image captions are zone-agnostic and consistent with supporting other zones.
---
Nitpick comments:
In `@docs/analyze-data/findings/attack-paths.mdx`:
- Around line 70-80: The "Finding types" section currently lists only
Relationship-based and List-based findings via the components
defRelationshipBasedFinding and defListBasedFinding but references Hygiene
elsewhere; either add a Hygiene definition component (e.g., introduce a
defHygieneFinding component and document its purpose) and include it alongside
defRelationshipBasedFinding and defListBasedFinding, or explicitly state in the
"### Finding types" paragraph that this section covers only those two types and
point readers to the existing Hygiene documentation elsewhere on the page;
update the heading paragraph accordingly and ensure references use the same
component names (defRelationshipBasedFinding, defListBasedFinding, and if added
defHygieneFinding) so the content is consistent.
In `@docs/analyze-data/findings/posture.mdx`:
- Around line 40-44: There is a duplicated sentence "Custom date ranges include
a time picker, so you can set exact start and end times." in the paragraph and
the Tip block; remove the duplicate so the sentence appears only once (either in
the main paragraph or inside the <Tip> block) while preserving the other content
and meaning; update the surrounding text to ensure flow remains correct after
removing the redundant sentence.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: c6f62b5f-6354-4650-8c33-a641bd61a41e
⛔ Files ignored due to path filters (1)
docs/images/attack-paths/page-overview.pngis excluded by!**/*.png
📒 Files selected for processing (7)
docs/analyze-data/findings/analysis.mdxdocs/analyze-data/findings/attack-paths.mdxdocs/analyze-data/findings/posture.mdxdocs/analyze-data/findings/risk-acceptance.mdxdocs/analyze-data/overview.mdxdocs/docs.jsondocs/opengraph/developer/schema.mdx
✅ Files skipped from review due to trivial changes (2)
- docs/analyze-data/findings/risk-acceptance.mdx
- docs/analyze-data/findings/analysis.mdx
🚧 Files skipped from review as they are similar to previous changes (2)
- docs/analyze-data/overview.mdx
- docs/docs.json
Contributor
There was a problem hiding this comment.
Actionable comments posted: 2
🧹 Nitpick comments (1)
docs/analyze-data/findings/posture.mdx (1)
40-44: Remove duplicated sentence about the custom time picker.The “Custom date ranges include a time picker...” sentence appears in both the paragraph and the Tip, which is repetitive. Keep it in one place for cleaner flow.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@docs/analyze-data/findings/posture.mdx` around lines 40 - 44, Remove the duplicated sentence "Custom date ranges include a time picker, so you can set exact start and end times." from either the main paragraph or the <Tip> block in the Posture document; keep the sentence only once (preferably in the Tip for emphasis) and ensure the remaining paragraph and Tip read smoothly without duplication, updating surrounding punctuation if needed.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@docs/analyze-data/findings/posture.mdx`:
- Line 38: Tighten the redundant phrasing in the sentence that reads "For
example, you can compare the current state of your environment to a previous
point in time to see how your risk posture has changed." Replace "a previous
point in time" with a more concise phrase such as "an earlier time" or "a
previous point" so the sentence becomes e.g. "For example, you can compare the
current state of your environment to an earlier time to see how your risk
posture has changed."
- Around line 132-135: Update the "Objects" paragraph to explicitly state that
changes to zone object membership (adds/removals) are not shown immediately but
become visible only after the next completed analysis run; target the paragraph
under the "Objects" heading (the sentence beginning "As you add or remove
objects from the selected zone...") and add one concise clause like "Changes are
reflected after the next completed analysis run" to clarify the delay.
---
Nitpick comments:
In `@docs/analyze-data/findings/posture.mdx`:
- Around line 40-44: Remove the duplicated sentence "Custom date ranges include
a time picker, so you can set exact start and end times." from either the main
paragraph or the <Tip> block in the Posture document; keep the sentence only
once (preferably in the Tip for emphasis) and ensure the remaining paragraph and
Tip read smoothly without duplication, updating surrounding punctuation if
needed.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 033d66f9-41ca-4fcd-b81d-562b3dc7e27c
📒 Files selected for processing (3)
docs/analyze-data/findings/attack-paths.mdxdocs/analyze-data/findings/posture.mdxdocs/resources/glossary/overview.mdx
✅ Files skipped from review due to trivial changes (1)
- docs/analyze-data/findings/attack-paths.mdx
🚧 Files skipped from review as they are similar to previous changes (1)
- docs/resources/glossary/overview.mdx
|
|
||
| ### Date range | ||
|
|
||
| The date range filter allows you to compare posture trends between analysis runs. For example, you can compare the current state of your environment to a previous point in time to see how your risk posture has changed. |
Contributor
There was a problem hiding this comment.
Tighten redundant phrasing in the date-range description.
“a previous point in time” is wordy; consider “a previous point” or “an earlier time.”
🧰 Tools
🪛 LanguageTool
[style] ~38-~38: This phrase is redundant. Consider writing “point” or “time”.
Context: ...state of your environment to a previous point in time to see how your risk posture has change...
(MOMENT_IN_TIME)
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs/analyze-data/findings/posture.mdx` at line 38, Tighten the redundant
phrasing in the sentence that reads "For example, you can compare the current
state of your environment to a previous point in time to see how your risk
posture has changed." Replace "a previous point in time" with a more concise
phrase such as "an earlier time" or "a previous point" so the sentence becomes
e.g. "For example, you can compare the current state of your environment to an
earlier time to see how your risk posture has changed."
Comment on lines
+132
to
+135
| * **Objects** - This graph represents the trend in the total number of objects in the selected zone. | ||
|
|
||
| As you add or remove objects from the selected zone, this chart helps you track the changes in the number of objects over time. | ||
|
|
Contributor
There was a problem hiding this comment.
Clarify when zone object-count changes become visible.
This reads as immediate feedback, but object membership updates are reflected after the next completed analysis run. Adding that constraint here would prevent confusion.
Based on learnings: In BloodHound Privilege Zones docs, object membership visibility requires an analysis run to complete before changes are reflected.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs/analyze-data/findings/posture.mdx` around lines 132 - 135, Update the
"Objects" paragraph to explicitly state that changes to zone object membership
(adds/removals) are not shown immediately but become visible only after the next
completed analysis run; target the paragraph under the "Objects" heading (the
sentence beginning "As you add or remove objects from the selected zone...") and
add one concise clause like "Changes are reflected after the next completed
analysis run" to clarify the delay.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Purpose
This pull request (PR) addresses a gap in doc coverage for the Attack Paths page in BloodHound Enterprise as described in BP-2488.
It also proposes a new structure for the Analyze Attack Path Data section in the left nav:
Note
I think we should move the BloodHound Configuration page to the Manage BloodHound section, but that's out of scope for this PR. It'll probably happen soon when I document the API key expiration feature.
Staging
https://specterops-bp-2488-findings.mintlify.app/analyze-data/findings/attack-paths
TODOs
Summary by CodeRabbit