Takumi Autofix Now Available

Tsubasa Umeuchi
Software Engineer @ GMO Flatt Security Inc.

We've released the Takumi Autofix feature. This feature automatically generates fix patches for vulnerabilities detected in security assessments and creates Pull Requests.

Overview

Autofix automatically generates fix code and unit tests based on vulnerability reports from Whitebox or Blackbox Assessments, and creates Pull Requests on your GitHub repository.

It is available from the Shisho Cloud byGMO web console.

How It Works

Autofix creates a "fix task" for each vulnerability and executes automatic fixes on a per-task basis.

  • Select the vulnerabilities you want to fix from the assessment results and create a fix task
  • When you run the task, Takumi clones the repository, analyzes the vulnerability, generates fix code, and creates unit tests automatically
  • After processing, review the generated fix proposal (report and diff)
  • If the fix looks good, create a Pull Request on the GitHub repository with a single click

If the fix doesn't meet your expectations, you can provide additional instructions and re-run the task.

Prerequisites

To use Autofix, you need a Write-enabled GitHub App integration with access to the target repository.

For organizations that already have the GitHub App installed, a "Contents" permission update request has been sent via email from GitHub as part of this release. Please approve this request before using the feature.

For details, see GitHub Integration.

Credit Consumption

Credits are required to use this feature. The amount consumed varies depending on the complexity of the vulnerability and the size of the repository.

Availability

This feature is available to all Takumi byGMO users.

For detailed instructions, see Autofix.