# Remediations

## Overview

Nullify drafts production-ready fixes for all finding types: code vulnerabilities, dependency issues, leaked secrets, cloud misconfigurations, and pentest findings. Developers receive pull requests with patches that match the surrounding code style. Nullify iterates on CI feedback to keep each pull request mergeable and responds to review comments. Nullify writes fixes that patch vulnerabilities without breaking existing functionality.

## Pull Request Limits

To avoid overwhelming developers, autofix applies fixed, platform-managed limits rather than per-repository configuration:

* **3 open Nullify fix PRs per repository** at any time
* **5 new fix PRs per remediation plan**

Once a fix PR merges or closes, the next queued fix can open. These limits are built-in platform behavior and are not configurable per repository.

## Working with Developers

### Status Updates

* Posts to existing Slack threads
* Updates Jira tickets with PR links
* Sends notifications when reviews are needed
* Escalates stalled PRs to team leads

### Ask Nullify on the PR

When Nullify opens a fix pull request, reply in the PR thread — or **`@mention`** Nullify — to ask why a change is needed, request a different approach, or get more context. Nullify reads the diff and the discussion and responds inline, which is the fastest way to get a fix review-ready and merged. On pull requests Nullify didn't open, `@mention` it so it knows the comment is for it.

### Ownership Routing

* Uses CODEOWNERS for reviewer selection
* Considers team capacity (least-loaded developer)
* Respects team boundaries
* Coordinates multi-team changes

### Manual Fallback

When automation isn't appropriate:

* Provides detailed fix guidance
* Creates a ticket with reproduction steps
* Tags the appropriate owner
* Preserves context for future learning

