logo
iamwngtk/github-forks/openhands-vulnerability-fixer
Public
0
0
WeChat Login
CodeIssuesPull requestsEventsPackagesInsights
main
Branch
35
Tag
0
Graham Neubig<neubig@gmail.com>
Merge pull request #48 from OpenHands/fix-transitive-dependency-upgrades
156cffdd
104 commits
.husky
api
public
scripts
src
.eslintrc.cjs
.gitignore
AGENTS.md
IMPLEMENTATION.md
LICENSE
README.md
index.html
package-lock.json
package.json
postcss.config.js
tailwind.config.js
tsconfig.api.json
tsconfig.json
tsconfig.node.json
vercel.json
vite.config.ts
vitest.config.ts

Vulnerability Fixer

An AI-powered web application that automatically scans repositories for security vulnerabilities and creates pull requests with fixes. Built with OpenHands to demonstrate how to build AI-powered applications using the OpenHands Cloud API.

Try it now: https://openhands-vulnerability-fixer.vercel.app/

What It Does

Vulnerability Fixer uses AI agents to:

  1. Scan - Run Trivy security scans on GitHub repositories or upload reports from other scanners
  2. Analyze - Identify and prioritize security vulnerabilities
  3. Fix - Automatically generate code fixes using AI
  4. Ship - Create pull requests with the fixes

Quick Start

Using OpenHands Cloud (Recommended)

  1. Clone and install:

    git clone https://github.com/OpenHands/vulnerability-fixer.git
cd vulnerability-fixer
npm install
npm run dev

  2. Open http://localhost:3001 and configure:

    • OpenHands Cloud API Key - Get one from OpenHands Cloud
    • LLM API Key - Your OpenAI, Anthropic, or OpenHands LLM key
    • GitHub Token - Create a token with repo scope

  3. Enter a GitHub repository URL and click Scan Repository

Using Local OpenHands Agent

See IMPLEMENTATION.md for instructions on running with a local OpenHands agent server.

How It Works

┌─────────────┐       ┌─────────────────┐       ┌────────┐
│   Browser   │  ───▶ │    OpenHands    │  ───▶ │ GitHub │
│  (React UI) │       │   Cloud / Local │       │  API   │
└─────────────┘       └─────────────────┘       └────────┘
                             │
                      ┌──────┴──────┐
                      ▼             ▼
                 ┌────────┐   ┌─────────┐
                 │ Trivy  │   │   LLM   │
                 │Scanner │   │  APIs   │
                 └────────┘   └─────────┘
  1. Enter a GitHub URL or upload a vulnerability report
  2. The OpenHands agent scans the repository using Trivy
  3. Select vulnerabilities to fix from the results table
  4. The agent analyzes each vulnerability and generates fixes
  5. Pull requests are automatically created on GitHub

Building on OpenHands

This project demonstrates key patterns for building apps with OpenHands Cloud:

  • Conversation Management - Creating and managing agent conversations
  • Task Execution - Sending prompts and receiving results
  • Real-time Updates - Streaming agent progress and logs
  • Error Handling - Managing agent states and failures

See IMPLEMENTATION.md for technical details and the OpenHands SDK documentation.

License

MIT License - see LICENSE for details.

About

https://github.com/OpenHands/vulnerability-fixer.git

900.00 KiB
0 forks0 stars35 branches0 TagREADMEMIT license
Language
TypeScript97.6%
JavaScript1.5%
CSS0.7%
HTML0.2%
© 2026 Tencent, Inc. Supported by Tencent Cloud
About Us
Privacy Policy
Terms of Service
SLA
API
Docs
Showcase
Feedback
35/F,Tencent Building,Kejizhongyi Avenue,Nanshan District,Shenzhen
京ICP备11018762号-111
粤公网安备44030002006058号粤公网安备44030002006058号