> ## Documentation Index
> Fetch the complete documentation index at: https://mintlify.hoop.dev/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# AI Session Analyzer

> Analyze terminal sessions in real time and enforce risk-based actions before execution

<Frame>
  <img src="https://mintcdn.com/hoopdev/6FB_mRr6VwGQlB7x/images/learn/features/ai-session-analyzer.png?fit=max&auto=format&n=6FB_mRr6VwGQlB7x&q=85&s=6465a4bfa6468dc0fec1e7ced00fddad" alt="AI Session Analyzer" width="3540" height="2496" data-path="images/learn/features/ai-session-analyzer.png" />
</Frame>

<Note>
  This feature is only available when executing ad-hoc sessions (Webapp & hoop exec cli)
</Note>

## What You'll Accomplish

AI Session Analyzer is Hoop's AI-powered risk analysis capability for one-off sessions. It evaluates commands before execution and applies configured policies automatically, so you can:

* Detect risky commands in real time before impact
* Block destructive or high-risk operations proactively
* Apply consistent policy decisions across resources

***

## How It Works

<Steps>
  <Step title="Configure Provider and Rules">
    Configure the AI provider and define risk rules.
  </Step>

  <Step title="Command Is Analyzed">
    A command runs and is analyzed in real time by AI.
  </Step>

  <Step title="Action Is Applied">
    Based on the rules and AI analysis, the command is allowed or blocked.
  </Step>
</Steps>

***

## Runtime Analysis Experience

### In-Terminal Behavior

When a terminal session starts:

* Terminal shows an in-session status card: `AI Session Analyzer is thinking...`
* Analyzer evaluates activity in real time
* If no rule is violated, show Allowed/success status (non-blocking notification)
* If any configured risk rule is triggered, show Blocked status (prominent restriction notification)

### Session Details Review

In the session detailed view:

* Top status list includes **AI Session Analyzer** item
* Item displays action status: **Allowed** or **Blocked**
* A dedicated card shows:
  * Title plus risk level indicator (**Low Risk**, **Medium Risk**, **High Risk**)
  * Action applied by rule (**Allowed** or **Blocked**)

***

## Status Types

| Status      | Meaning                                            |
| ----------- | -------------------------------------------------- |
| **Allowed** | Session complies with configured risk rules        |
| **Blocked** | Session violates one or more configured risk rules |

***

## Best Practices

<CardGroup cols={2}>
  <Card title="Recommended Risk Evaluation" icon="bell">
    Use the recommended risk evaluation to apply policies based on each session's risk profile.
  </Card>

  <Card title="Scope by Role" icon="users">
    Apply stricter policies to privileged roles and production-facing resources first.
  </Card>

  <Card title="Review Outcomes Weekly" icon="calendar">
    Audit Allowed/Blocked trends and tune rules for false positives or blind spots.
  </Card>
</CardGroup>

***

<Note>
  Ready to turn it on? The [AI Session Analyzer configuration guide](/setup/configuration/ai-session-analyzer-configuration) walks through connecting an AI provider, creating risk rules, and verifying results.
</Note>

## Next Steps

<CardGroup cols={2}>
  <Card title="Guardrails" icon="shield" href="/learn/features/guardrails">
    Add deterministic query and command controls
  </Card>

  <Card title="Live Data Masking" icon="mask" href="/learn/features/live-data-masking">
    Protect sensitive output with automatic redaction
  </Card>

  <Card title="Session Recording" icon="video" href="/learn/features/session-recording">
    Audit command history and investigation trails
  </Card>

  <Card title="Access Requests" icon="clock" href="/learn/features/access-requests/jit">
    Require approvals for sensitive operations
  </Card>
</CardGroup>
