Auto-Fix
Vouch doesn’t just tell you what’s broken — it writes the fix.
How It Works
When Semgrep or Gitleaks detects a vulnerability, the AI Translation Layer processes the vulnerable snippet together with your stack context (Next.js, FastAPI, Supabase, etc.) and generates a drop-in replacement. The result appears as a code diff in your dashboard, ready to copy and apply.
Supported Fix Types
Auto-Fix is currently optimized for the most common vibe-fails:
| Vulnerability | What Vouch generates |
|---|---|
| Missing Authentication Middleware | JWT or session guard configuration for your framework |
| Open API Endpoints | Rate-limiting and CORS boundary code |
| Exposed Secrets | .env template + refactored code using process.env |
| Supabase RLS | SQL ALTER TABLE / CREATE POLICY commands to lock down open tables |
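
To show the shape of the Supabase RLS row above, here is an added example; it is not output from Vouch and not code from the original page. It assumes a hypothetical table `public.notes` with a `user_id uuid` column holding the owner's Supabase auth ID, and the policy names are made up for illustration.

```sql
-- Hypothetical table public.notes(user_id uuid, ...), for illustration only.
-- Starting point: RLS is disabled, so any client holding the project's
-- anon key can read and write every row through the auto-generated API.

-- 1. Enable row level security. With RLS on and no policies defined,
--    the anon and authenticated roles are denied by default.
alter table public.notes enable row level security;

-- 2. Signed-in users may read only their own rows.
create policy "notes_select_own"
  on public.notes for select
  to authenticated
  using (auth.uid() = user_id);

-- 3. Inserts must be stamped with the caller's own ID.
create policy "notes_insert_own"
  on public.notes for insert
  to authenticated
  with check (auth.uid() = user_id);

-- 4. Updates: USING limits which rows can be targeted, WITH CHECK
--    stops a row from being reassigned to another user.
create policy "notes_update_own"
  on public.notes for update
  to authenticated
  using (auth.uid() = user_id)
  with check (auth.uid() = user_id);

-- 5. Deletes are limited to the owner's rows.
create policy "notes_delete_own"
  on public.notes for delete
  to authenticated
  using (auth.uid() = user_id);

-- Review step: list public tables that still have RLS disabled ...
select schemaname, tablename
from pg_tables
where schemaname = 'public' and rowsecurity = false;

-- ... and inspect the policies that now apply to the table.
select policyname, cmd, roles, qual, with_check
from pg_policies
where schemaname = 'public' and tablename = 'notes';
```

The table owner and Supabase's `service_role` key bypass these policies, so server-side code that uses that key needs its own authorization checks.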
Monthly Auto-Fix Limits
Deep Auto-Fixes are a rate-limited resource — each tier includes a monthly quota:
| Plan | Core Scans | Deep Auto-Fixes |
|---|---|---|
| Hobby (free) | 15 / month | 2 / month |
| Micro ($8–10 / month) | 50 / month | 35 / month |
| Pro ($15–18 / month) | 300 / month | 100 / month |
| Add-On Credits ($10) | +30 scans | +30 fixes |
Need more? Add-on credit packs are available at any tier without changing your subscription. See Pricing.
How to Apply a Fix
- Open the finding in your Vouch dashboard.
- Click View Fix — the patch is shown as a standard code diff.
- Copy the corrected snippet and paste it into your editor, Cursor session, or Lovable canvas.
- Commit and let Vouch re-scan to confirm the score improves.
Always review AI-generated fixes before committing. Vouch optimizes for security correctness, but you should verify the fix doesn’t break existing business logic.
Next Steps
- Check your fix quota in Pricing.
- See how fixes appear in your PR workflow in the GitHub integration.