Fix code with gen AI on Visual Studio Code | Fluid Attacks Help

Fix code with gen AI on Visual Studio Code

After you have learned the details of reported vulnerabilities, Fluid Attacks helps you fix your source code through AI-generated suggestions.

To access Fluid Attacks' custom guides or automatic fixes produced with generative AI, you need to install and configure Fluid Attacks' Visual Studio Code plugin. Once you have that covered, come back to these instructions.

Fluid Attacks' plugin lets you quickly locate the lines of code that need fixing. You can choose to use gen AI to
  1. generate custom, step-by-step guides to fix your code, or
  1. fix code automatically.

Follow AI-generated fix guides

The following are the steps to use the plugin's Custom fix function:

  1. Open the Fluid Attacks extension and click on the type of vulnerability you want to remediate.

    Select the vulnerability type to fix on the Fluid Attacks extension

  2. Click the wrench that appears over the entry corresponding to the vulnerable line of code you will fix.

    Use the custom fix by gen AI option on the Fluid Attacks extension

  3. Follow the step-by-step guide to secure your code. Do this critically, as gen AI may produce vulnerable code.

    Generate a step by step fix guide with gen ai on the Fluid Attacks plugin

After you have fixed the code, you can verify whether the fix was successful.

If you are subscribed to the Advanced plan and need help understanding a vulnerability, you can request an explanatory session with a member of Fluid Attacks' hacking team.

Get AI-generated automatic fix suggestions

To use the plugin's Autofix function, do the following:

  1. Open the Fluid Attacks extension and click on the type of vulnerability you want to remediate.

  2. Click the hammer and wrench appearing over the entry that corresponds to the line of code you wish to fix automatically.

    Use the automatic fix by gen AI option on the Fluid Attacks extension

  3. Review the output, which is presented as modifying the file already.

    See the output of automatic fix by gen AI on the Fluid Attacks extension

Again, after applying this suggestion, you can request a reattack to verify whether the remediation was successful.