Try it now
$ npx @vexlit/cli scan .
5 MINUTES
Fix Vulnerabilities with AI
VEXLIT doesn't just find vulnerabilities — it fixes them and creates pull requests automatically.
Step 1: View vulnerability details
In the web dashboard, click any vulnerability to see:
- The vulnerable code snippet with line highlighting
- CWE reference and OWASP category mapping
- Taint analysis flow — how user input reaches the vulnerable sink
- Confidence level and exploitability assessment
Step 2: AI Explain
Click the "AI Explain" button to get a plain-language explanation of:
- What the vulnerability is and why it matters
- How an attacker could exploit it
- The recommended fix approach
Step 3: AI Fix (one-click)
Click "AI Fix" to generate a secure code replacement. VEXLIT:
- Generates a fix using AI with confidence scoring (0-100)
- Verifies the fix compiles and doesn't break imports
- Shows a diff preview before applying
- Runs a second attempt if the first fix doesn't verify
Before → After
Before
// ❌ Vulnerable: SQL Injection
const query = "SELECT * FROM users WHERE id=" + userId;
db.query(query);
After
// ✅ Fixed: Parameterized query
const query = "SELECT * FROM users WHERE id=?";
db.query(query, [userId]);
Step 4: Auto-Fix Pull Request
For GitHub-connected projects, VEXLIT can fix all vulnerabilities at once and create a PR:
- Click "Fix All" on the scan results page
- VEXLIT fixes up to 80 vulnerabilities in one batch
- A pull request is created with all fixes
- Re-scan runs automatically to verify fixes
Step 5: Verify
After applying fixes, re-scan to confirm the vulnerabilities are resolved:
$ npx @vexlit/cli scan .
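The re-scan can be paired with a regression test for the Step 3 fix. The following is an added example, not VEXLIT's code or output: it checks that the SQL text stays identical for every input and that the input only travels as a bound parameter. The recording stub makeRecordingDb, the wrappers findUserVulnerable and findUserFixed, and the sample inputs are hypothetical and constructed for illustration.

```javascript
// Hypothetical recording stub standing in for the page's `db` object:
// it stores what would be sent to the database instead of executing it.
function makeRecordingDb() {
  const calls = [];
  return {
    calls,
    query(sql, params = []) {
      calls.push({ sql, params });
    },
  };
}

// "Before" from Step 3: input is concatenated into the SQL text.
function findUserVulnerable(db, userId) {
  const query = "SELECT * FROM users WHERE id=" + userId;
  db.query(query);
}

// "After" from Step 3: input travels separately as a bound parameter.
function findUserFixed(db, userId) {
  const query = "SELECT * FROM users WHERE id=?";
  db.query(query, [userId]);
}

// Property to check: the SQL text must be identical for every input,
// and each input must appear only in the params array.
function sqlTextIsInputIndependent(lookup, inputs) {
  const db = makeRecordingDb();
  for (const input of inputs) lookup(db, input);
  const texts = new Set(db.calls.map((c) => c.sql));
  const bound = db.calls.every(
    (c, i) => c.params.length === 1 && c.params[0] === inputs[i]
  );
  return texts.size === 1 && bound;
}

// Constructed sample inputs: one ordinary id, one carrying SQL syntax.
const SAMPLE_INPUTS = ["42", "42 OR 1=1"];

console.log("before:", sqlTextIsInputIndependent(findUserVulnerable, SAMPLE_INPUTS));
console.log("after: ", sqlTextIsInputIndependent(findUserFixed, SAMPLE_INPUTS));
```

Run against the real data-access function with a stubbed driver, this check fails if a later change reintroduces string concatenation.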