What PlotUI Can — and Can't — Do
Most AI products oversell. We won't. Here's exactly what we do, how well we do it, and where you'll still need a human. No fine print.
Our Philosophy
PlotUI is not magic. It's a well-engineered system that learns your product and answers ~95% of your users' "how do I?" questions automatically. The other 5% — the edge cases, the server-side business logic, the questions no UI can fully answer — get escalated to your team instantly. That 5% is not a bug. It's honesty.
We believe the biggest trust problem in AI products is false confidence. PlotUI shows your team exactly which answers it's confident about (green), which it guessed (yellow), and which it couldn't figure out (red). You review and approve before going live. You're always in control.
Accuracy by Question Type
How well PlotUI answers different kinds of user questions, after a full scan + walkthrough.
Navigation is perfectly mapped from your codebase
Captured from UI elements, forms and walkthrough
Taken directly from your Zod validation schemas
AI-generated description from code + walkthrough
Role-based access read from code; runtime checks may vary
Requires server-side logic we cannot read
Business rules enforced in database, not visible in UI
External payment providers (Stripe, Razorpay) are inaccessible
What We Read vs. What We Skip
When you run npx plotui-cli scan, here's exactly what happens to your codebase.
✓ We read & send to AI
- ✓ Page components (page.tsx, layout.tsx)
- ✓ Tab names, button labels, form placeholders
- ✓ Zod validation schemas (form rules)
- ✓ API route method signatures (GET/POST/PUT)
- ✓ Import relationships between components
- ✓ Role-based access conditions in code
- ✓ README, CLAUDE.md, AGENTS.md docs
- ✓ Prisma/Drizzle database schema structure
✗ We never read or send
- ✗ .env and .env.local (blocked entirely)
- ✗ API keys, secrets, tokens (auto-redacted)
- ✗ Database connection strings (auto-redacted)
- ✗ Stripe, Clerk, AWS private keys (blocked)
- ✗ Private key files (.pem, .p12)
- ✗ Your actual user data or database contents
- ✗ Server-side business logic or auth middleware
- ✗ External service UIs (Stripe, OAuth screens)
Known Limitations
These are not bugs. They are the honest boundaries of what static code analysis and AI can do today.
AI Answers Are Not Guarantees
PlotUI uses Gemini AI to generate answers. AI models can be confidently wrong (hallucination). We reduce this with confidence scoring and RAG retrieval, but a ~2-5% error rate is inherent in any AI system. Critical workflows should always have human fallback.
Server-Side Logic Is Invisible
Your backend business rules — who can apply when, what triggers a status change, why X was rejected — live in your server and database. PlotUI sees your UI, not your server logic. Questions about "why" something happened server-side will be escalated to your team.
External Services Are Opaque
Payment flows (Stripe, Razorpay), authentication (OAuth), and any embedded third-party widget live in sandboxed iframes. PlotUI cannot read or describe them. Founders should add manual descriptions for these flows via the Graph Editor.
Knowledge Becomes Stale
PlotUI's knowledge graph reflects your app at scan time. If you ship a new feature and don't re-scan, users may get outdated answers. We recommend scanning on every significant release or enabling the GitHub Action integration.
Dynamic State Is Partially Captured
UI that changes based on runtime data (e.g., "show this button only after 60 days") may not be fully captured by static analysis. Founder Walkthrough Mode helps by capturing what you actually see during navigation.
Works Best With TypeScript/TSX
PlotUI's deep AST analysis is optimized for Next.js, React, and TypeScript codebases. Other frameworks (Vue, Svelte, Django, Rails) use a lighter regex-based parser with ~70% accuracy. Full support for other stacks is on the roadmap.
What Happens When PlotUI Doesn't Know
We designed the failure mode intentionally. A wrong confident answer is worse than an honest escalation.
High-confidence answer
Returned instantly to the user. Typical for navigation, forms, role access questions.
Low-confidence answer
PlotUI answers but shows a "contact support" link below. The question is flagged in your dashboard.
No confident answer
PlotUI says clearly: "I'm not sure about this one." The question is logged and your support email is notified immediately.
You answer in the dashboard
Your answer is emailed to the user and permanently added to the knowledge graph. Next time, PlotUI answers automatically.
We told you exactly where we fall short.
We think that's rare. And we think it earns your trust more than any claim of "99.9% accuracy." The 95% we handle automatically saves your team hundreds of support hours a month. The 5% we flag keeps a human in the loop for what matters most.