AI Agent Capabilities

OpsCompanion's AI agent has comprehensive read access across your cloud infrastructure, development tools, and network services.

This page catalogs every capability the AI has access to, organized by integration and service type.

Multi-Cloud Infrastructure

Amazon Web Services (AWS)

Compute

• List and inspect EC2 instances across all regions
• Get Lambda function configurations and recent invocations
• List and inspect ECS clusters and services

Storage

• List S3 buckets and objects
• Get EBS volume details and attachments
• List and inspect EFS file systems

Networking

• List VPCs, subnets, and route tables
• Inspect security groups and their rules
• Get effective firewall rules for specific instances
• List and inspect load balancers (ALB, NLB, CLB)
• List internet gateways and NAT gateways

Database

• List and inspect RDS instances (all engines)
• List DynamoDB tables and get table details
• List and inspect ElastiCache clusters (Redis, Memcached)

Monitoring & Logs

• List CloudWatch alarms and metrics
• Search and query CloudWatch Logs
• Run CloudWatch Logs Insights queries for complex analysis
• Get metric statistics and data points
• List CloudTrail trails and event history

Security & IAM

• List IAM users, roles, and policies
• Get policy documents and permissions
• List KMS keys and encryption config
• List and inspect Secrets Manager secrets

Developer Tools

• List CloudFormation stacks and resources
• Get stack events and outputs
• List SSM parameters and documents
• Get recent SSM Run Command invocations

Messaging & Events

• List and inspect SQS queues
• List SNS topics and subscriptions
• List EventBridge rules and event buses
• List MSK (Kafka) clusters

Google Cloud Platform (GCP)

Compute

• List and inspect Compute Engine instances
• Get Cloud Run services and revisions
• List Kubernetes (GKE) clusters

Storage

• List Cloud Storage buckets and objects
• List and inspect persistent disks

Networking

• List VPC networks and subnetworks
• Inspect firewall rules and effective policies
• List load balancers and forwarding rules
• List Cloud Routers and Cloud NAT

Database

• List Cloud SQL instances (MySQL, PostgreSQL)
• List Cloud Spanner instances and databases
• List Firestore databases

Messaging

• List Pub/Sub topics and subscriptions
• Get topic and subscription configurations
• List Pub/Sub snapshots

Projects

• List accessible GCP projects
• Get project metadata and billing info

Microsoft Azure

Compute

• List virtual machines and get status
• Get VM runtime state and power status
• List VM scale sets
• List AKS (Kubernetes) clusters
• List App Services and container instances

Storage

• List storage accounts
• List blob containers, file shares, queues, tables
• List blobs within containers
• Get storage account access keys

Networking

• List virtual networks and subnets
• List network security groups and rules
• List load balancers and public IPs
• List application gateways and network interfaces

Database

• List Azure SQL servers and databases
• List Cosmos DB accounts
• List PostgreSQL and MySQL flexible servers
• List Redis caches

Security

• Get subscription secure score
• List security assessments and recommendations
• List active security alerts
• List compliance results
• List IoT security solutions

Monitoring

• List metric alert rules and activity log alerts
• List Log Analytics workspaces
• List Application Insights components
• Get resource metrics
• List action groups and diagnostic settings

Resources

• List subscriptions and resource groups
• List all resources with filtering by tags
• List ARM deployments and templates
• List available regions and resource providers

DigitalOcean

Compute

• List droplets and Kubernetes clusters
• List App Platform applications

Storage

• List Spaces (object storage)
• List block storage volumes
• List snapshots (droplet and volume)

Networking

• List load balancers and cloud firewalls
• List VPCs and floating IPs

Database

• List managed databases (PostgreSQL, MySQL, Redis, MongoDB)
• List database backups and users
• Get database configuration

Account

• Get account details and billing info
• List invoices and billing history
• Get current account balance
• List SSH keys and projects
• List resource actions and security events

Team

• List team members and roles
• List domains and resource tags

Development & Deployment

GitHub

Repository Operations

• List repositories in your organization
• Browse file trees and read file contents
• List branches and tags
• Get commit history with filtering

Code Search

• Search code across repositories
• Search issues and pull requests
• Filter by language, path, or content

Pull Requests & Issues

• List and search pull requests
• List and search issues
• Get PR details, reviews, and status
• List release information

Repository Intelligence

• Fuzzy-match repository names
• Find contributors and commit authors
• Track file history
• Analyze commit patterns

Code Modifications

• Create pull requests with code changes
• Read current file contents
• Show diff previews before creating PRs
• Create branches and commit changes
• Draft PRs for review

Vercel

• List connected projects
• List deployments per project
• Get deployment status and URLs
• View deployment logs
• Track deployment history

Lovable & Base44

• List AI-generated web applications
• Track project metadata

Network Operations & Diagnostics

HTTP/HTTPS

• Health checks with timing breakdown (DNS, TCP, TLS, TTFB)
• Redirect tracing - Follow redirect chains step-by-step
• Detect redirect loops and cross-domain issues
• Response header analysis
• HTTP status code diagnosis

SSL/TLS

• Certificate validation and expiration checks
• Certificate chain verification
• Hostname and SAN validation
• Cipher suite analysis
• TLS protocol version detection
• Self-signed certificate detection

DNS

• Lookup A, AAAA, MX, TXT, CNAME, NS, SOA, CAA, PTR records
• Response time measurement
• TTL information
• Reverse DNS lookups

TCP Port Checks

• Test port reachability
• Connection time measurement
• Service identification for common ports
• Firewall detection

Security Headers

• Analyze HTTP security headers
• HSTS, CSP, X-Frame-Options, X-Content-Type-Options
• Security scoring (0-100)
• Recommendations for improvements

Workspace & Environment Management

Resource Organization

• Create links between resources
• Add business context and notes
• Document relationships machines can't detect
• Fuzzy-match resources by name

Link Management

• Bi-directional relationships
• Custom labels (A→B and B→A)
• Markdown-formatted notes
• Link documentation and reasoning

AI Reasoning Capabilities

Context Understanding

• Remembers your infrastructure across conversation
• Understands dependencies between services
• Recalls ownership and business context
• Tracks changes and deployments

Investigation & Analysis

• Root cause analysis using dependency graphs
• Blast radius estimation for changes
• Cost analysis across providers
• Security posture assessment
• Performance bottleneck identification

Proactive Assistance

• Suggests related resources during investigation
• Identifies potential issues before they escalate
• Recommends security improvements
• Highlights configuration drift

What I Cannot Do

To set clear expectations, here's what is currently not possible:

Write Operations

• ❌ Modify infrastructure (no create, update, delete)
• ❌ Change cloud resource configurations
• ❌ Execute commands on servers
• ❌ Deploy applications
• ❌ Restart services
• ❌ Scale resources

GitHub Write Limitations

• ✅ Can create PRs and propose code changes
• ❌ Cannot merge PRs
• ❌ Cannot push directly to branches
• ❌ Cannot modify repository settings
• ❌ Cannot manage issues or comments

Access Boundaries

• ❌ Cannot access data outside connected integrations
• ❌ Cannot read secrets or credentials (except listing them)
• ❌ Cannot access private networks without VPN
• ❌ Cannot execute database queries

Operational Limits

• ❌ No alerting or monitoring capabilities
• ❌ No automated remediation
• ❌ No scheduled tasks or automation
• ❌ No direct API access for custom integrations

Using These Capabilities

Natural Language Interface

Ask questions naturally - I understand context and intent:

"What EC2 instances are running in us-east-1?"
"Show me the Lambda functions that failed today"
"Which GitHub repos had commits this week?"
"What's the SSL cert expiration for example.com?"
"Link this Lambda to the RDS database"

Multi-Step Investigations

I maintain context across questions:

User: "What services depend on the users database?"
AI: [shows list of services]

User: "Which one had errors recently?"
AI: [filters to services with recent errors]

User: "Show me the CloudWatch logs for that one"
AI: [retrieves specific logs]

Parallel Queries

I can query multiple providers simultaneously:

"Compare EC2 costs across AWS regions"
"List all databases across AWS, GCP, and Azure"
"Show me compute resources in all clouds"

Access Control

All capabilities respect your integration permissions:

• I can only see what you've granted access to
• Read-only access by default (except GitHub PR creation)
• You control which cloud accounts connect
• Integration permissions can be revoked anytime

Future Capabilities

Capabilities under consideration:

• Terraform plan generation
• Cost optimization recommendations
• Security compliance scanning
• Automated runbook execution (with approval)
• Custom integration plugins

Questions?

If you're unsure whether I can do something, just ask! I'll tell you if it's possible and how to do it.