Big Cranium Logo White.png
TrainingHelp Center
Find the insights and best practices about our product.
General
FAQs
System & Network Requirements
Getting Started
My AI Dashboard Overview
Release Notes
2026.4.2 Release Notes
2026.4.1 Release Notes
2026.3.1 Release Notes
2026.2.2 Release Notes
2026.2.1 Release Notes
2026.1.1 Release Notes
2025.12.1 Release Notes
2025.11.1 Release Notes
2025.10.3 Release Notes
2025.10.1 Release Notes
2025.9.1 Release Notes
2025.8.1 Release Notes
2025.7.1 Release Notes
2025.4.1 Release Notes
2025.3.1 Release Notes
2025.1.1 Release Notes
2024.12.1 Release Notes
AI Manager
My AI Systems
My AI Systems Overview
AI System Details Overview
Adding a New AI System
Self-Attesting to a Compliance Framework
Compliance Scoring
Compliance Agent [Beta]
My AI Supply Chain
Supply Chain Overview
Managing Outgoing AI Card Requests
Responding to an AI Card Request
Publishing an AI Card Without a Request
My Vendors Overview
Artifacts
Bill of Materials
Bill of Materials Overview
Creating a Bill of Materials with CodeSensor
Self-Attest to a Bill of Materials
AgentSensor Overview
Technology Search Overview
Document Library
Document Library Overview
Vulnerability Management
Arena Shield
Arena Shield Overview
Shield YAML Implementation Guide
Arena
AI Arena Overview
Vulnerability Assessment
Vulnerability Management
Vulnerability Assessment Overview
Accessing a Vulnerability Assessment
Adversarial Inputs Detector
Vulnerabilities Overview
Settings
User Manager Overview
Detect AI
Integrations
Accessing a Private VCS
Registering SSH for CodeSensor
Integrating Bitbucket with Cranium
Integrating GitHub with Cranium
Integrating GitLab with Cranium
Integrating Azure DevOps with Cranium
Continuous Monitoring Overview
VCS Service Rate Limits
CloudSensor
CloudSensor Overview
Public API
Public API Overview
Authentication & Generating Credentials
Pagination & Incremental Sync
Rate Limits & Error Handling
Endpoint Reference
Bills of Materials
Technology Vulnerabilities
Arena Models
Arena Model Vulnerabilities
Home
Settings
Detect AI
Detect AI

Introduction

Cranium Detect AI builds on current Code Sensor functionality by crawling your private VCS's code repositories to automate the discovery of repositories containing AI/ML-based technologies and models. Detect AI supports Python, JavaScript, TypeScript, and Java. This capability provides additional visibility into existing and developing AI-enabled projects to ensure organizations have an early inventory of all AI/ML usage and can detect potential Shadow AI usage. Detect AI provides additional oversight for an organization's AI stakeholders without relying solely on what a development team identifies, and without manually analyzing code to verify compliance.

Detect AI in the VCS Integrations List

The Integrations page provides a centralized interface for managing Detect AI scans. It displays a detailed list of VCS Integrations, including the Detect AI scan status (e.g., not started, queued, failed, success) and Detect AI scan results. You can manage VCS Integrations through the three-dot menu, which allows you to run a Detect AI scan and view Detect AI scan results.

Run Detect AI Scan

You can run a Detect AI scan on an integration from the action menu. Configurable parameters are also available when launching a scan from the New BOM Wizard:

  • Project filter - select the projects to include in the scan
  • Last commit date - skip any repositories with a last commit before the specified date
  • Minimum # of commits - skip any repositories with less than the number of commits specified

View Scan Results

The Scan Results section provides a comprehensive overview of your Detect AI scan process, showing the current scan status, the date of the last scan, and a count of repositories scanned. This count is broken down into the number of repositories scanned or skipped based on the given parameters, out of the total repositories available under the integration. By hovering over this number, you can access a detailed breakdown of how many repositories were scanned, skipped, or failed. Additionally, the results of repositories with AI detected are displayed. The repository list includes project and repository names (linked to the actual repositories in your version control system), the last commit date, committer details (name and email), and the code owner (when the VCS supports repository owners). The scan status of each repository is displayed, with repositories marked as Skipped, AI detected, Failed, or Queued, and hovering over any of these statuses reveals more context about flagged parameters or errors. The page includes a blue "Run Detect AI Scan" button to trigger a new scan, a red "Abort Scan" button to cancel an ongoing scan (which can also be done through the action menu), and a search feature to find repositories by name. You can also export the scan results with the white "Export to CSV" button.

Did this answer your question?
Related Articles
Accessing a Private VCS
System & Network Requirements
Creating a Bill of Materials with CodeSensor
Bill of Materials Overview
Supply Chain Overview
My AI Systems Overview
CloudSensor Overview