AutoFix AI Agent Cheatsheet

Overview

The AutoFix AI Agent from Apiiro is an AI-powered tool that automatically fixes design and code risks using runtime context. It acts as an embedded AppSec engineer, fixing risks directly inside developers’ integrated development environments (IDEs) before they hit production.

Key Features

  • Automated Code Fixes: Automatically generates and applies fixes for security vulnerabilities.
  • Runtime Context: Uses runtime information to make informed decisions about how to fix risks.
  • IDE Integration: Works directly within popular IDEs like VS Code and JetBrains.
  • Real-Time Software Graph: Powered by Apiiro’s real-time Software Graph for deep context and analysis.

Getting Started

  1. Install the Apiiro IDE extension: Find the Apiiro extension in your IDE’s marketplace and install it.
  2. Connect to your Apiiro account: Authenticate the extension with your Apiiro account to sync your projects and policies.
  3. Scan your code: The AutoFix AI Agent will automatically scan your code for security risks as you write it.
  4. Apply fixes: When a risk is identified, the agent will suggest a fix. You can review the suggested fix and apply it with a single click.

Common Commands

While the AutoFix AI Agent is primarily UI-driven within the IDE, here are some conceptual commands that represent the actions you would take:

  • apiiro scan: Trigger a manual scan of your current project.
  • apiiro fix --risk <risk_id>: Apply the suggested fix for a specific risk.
  • apiiro ignore --risk <risk_id>: Ignore a specific risk if it is a false positive or an acceptable risk.
  • apiiro settings: Open the settings for the Apiiro IDE extension to configure your preferences.

Example Use Case

Scenario: A developer is working on a new feature and introduces a SQL injection vulnerability.

  1. Real-Time Scanning: The AutoFix AI Agent, running in the developer’s IDE, scans the code in real-time and identifies the SQL injection vulnerability.
  2. Suggested Fix: The agent suggests a fix that uses a parameterized query to prevent the injection.
  3. One-Click Fix: The developer reviews the suggested fix, and with a single click, applies it to the code.
  4. Secure Code: The vulnerability is fixed before the code is even committed to the repository, preventing it from ever reaching production.

Additional Resources