Web UI
Sentinel includes a browser-based triage dashboard for reviewing and acting on findings.
pip install sentinel[web]
sentinel serve /path/to/repoOpens automatically at http://127.0.0.1:8888. Use --no-open for headless mode.
The main view after selecting a scan run. Severity stat cards give an at-a-glance summary, with findings grouped by severity level below.
- Severity cards: Critical / High / Medium / Low counts at the top
- Filters: Narrow by severity, status, or detector type
- Compare: Select a previous run to see what changed
- Grouping: Findings are grouped by severity, then by directory
Click a directory folder to expand and see individual findings. Each row shows the status badge, title, detector, and file location.
- Bulk triage: checkboxes on each finding with per-severity "select all" toggle
- Sticky action bar appears for batch approve or suppress
Click any finding to see the full detail page with metadata, evidence, notes, and actions.
- Metadata: detector, category, severity, confidence, fingerprint, file location
- Recurrence: how many times this finding has been seen across scans
- Evidence: code snippets with line numbers, git history for the affected file
- Notes: add annotations for team context
- Actions: approve for GitHub issue creation, or suppress with an optional reason
All past scans with finding counts and scope badges (full / incremental / targeted).
Select any run to drill into its findings. Use the "Compare" dropdown on a run page to diff against a previous run and see new, resolved, and persistent findings.
Start a scan from the browser with full control over provider, model, capability tier, and detector selection.
- Repository path, LLM model, and embedding model fields
- Provider and Capability Tiers dropdowns
- Skip-judge and incremental toggles
- Per-detector checkboxes with capability tier badges
View the active configuration, whether a sentinel.toml was found, and environment variable status.
- View approved findings ready for issue creation
- Create GitHub issues or dry-run preview
- Config status indicator (token, owner, repo)
- Run detectors against ground-truth for precision/recall measurement
- Results history with server-side SVG trend chart
- Filterable log of every LLM interaction (prompts, responses, tokens, timing, verdicts)
- Filter by detector, run, or verdict
- Useful for debugging false positives and tuning prompts
- Model-detector compatibility matrix showing empirical quality ratings
- Per-detector configuration form (enable/disable, per-detector provider overrides)
- All 18 built-in detectors listed with tier badges
sentinel serve /repo --host 0.0.0.0 --port 9000 # custom bind
sentinel serve /repo --db /path/to/custom.db # custom database
sentinel serve /repo --no-open # don't open browser- CSRF protection via HMAC-signed tokens (SameSite=Strict cookies)
- Scan paths validated against configurable
allowed_scan_roots - Path traversal prevention via
Path.resolve() - Binds to
127.0.0.1by default (localhost only)
"Night Watch" dark-first theme with light mode toggle. System font stack — no external font dependencies.