# Automated AI Triage for Dependabot Pull Requests Released

**Takumi New Feature Release**

We've released the automated AI triage feature for Dependabot Pull Requests.

No more critical vulnerability alerts getting buried.

**Takumi's strength in codebase analysis is combined with security update content to notify you only when urgent action is required.**

![eyecatch](/docs/_md-assets/d640c4120f-eyecatch.png)

## Overview

Triggered by Dependabot PR creation, Takumi automatically performs the following steps:

1. **PR Detection**
2. **Analysis**
   - a) Determine if it's a security update (prevent unnecessary credit consumption)
   - b) Confirm vulnerability information in major databases such as CVE and GHSA
   - c) Determine if the vulnerability can actually be exploited in your codebase
3. **Risk Assessment**
4. **Notification**

![result](/docs/_md-assets/e3e3e44935-result.png)

## Performance

In benchmarks, triage was performed with **95.2%** accuracy, with 0 false negatives (= no missed critical PRs).

Without human intervention, triage time was reduced by approximately **72%** compared to manual processing.

Takumi proactively handles what used to be tedious security work, predicting and supporting developers.

![performance](/docs/_md-assets/443dda5468-performance.png)

## Getting Started

**Takumi users can start using this feature immediately. Please make use of it!**

▼ User Guide
[Takumi User Guide](https://shisho.dev/docs/ja/g/getting-started/takumi-the-ai-engineer/)

▼ About Takumi byGMO
[Takumi byGMO Official Page](https://flatt.tech/takumi)