Overview
AI Autofix connects Krait to your version control system to create fix pull requests directly from security findings. Krait shows you the recommended fix before any PR is created, and for dependency vulnerabilities you choose the exact version to upgrade to. Once you are satisfied, Krait opens the PR and your team reviews and merges it like any other code change. Autofix is available for two categories of findings:- Dependency vulnerabilities detected during code scanning
- API Inventory vulnerabilities detected during deep scanning
Setup
Autofix requires a one-time installation of the Krait AutoFix app on your version control system. This gives Krait permission to open pull requests on your behalf.Go to Integrations
Navigate to Integrations and select your version control system — either GitHub or GitLab.
Install the AutoFix app
Locate the AutoFix app for your platform and click to install it.
- For GitHub: GitHub AutoFix
- For GitLab: GitLab AutoFix
You only need to complete this setup once per workspace. All workspace members can use Autofix after the app is installed.
Finding Autofixable Issues
There are two places to find findings that are eligible for Autofix. Autofixable page A dedicated page that lists every finding across all your resources that Krait can automatically fix. Use this as your starting point for bulk remediation. Individual finding page Open any finding and go to the Recommended Fixes tab. If an automated fix is available, it will appear here along with a preview of the proposed change before you create the PR.Dependency Autofix
When Krait detects a vulnerable dependency, it identifies available patched versions and lets you choose which one to upgrade to before creating the PR.Open the finding
Navigate to the vulnerable dependency finding and select the Recommended Fixes tab.
Select a version
Krait lists the available patched versions of the package. Select the version you want to upgrade to.

Create the PR
Review the proposed change and click Create Fix PR. Krait opens a pull request on your connected repository with the dependency update applied.
API Inventory Autofix
For vulnerabilities discovered through the API Inventory, Krait generates a code-level fix based on the specific issue found in your endpoint logic.Review the recommended fix
Krait displays the proposed code change. Review it to confirm it addresses the issue correctly.

Create the PR
Click Create Fix PR. Krait opens a pull request on your connected repository with the fix applied to the relevant file.