How It Works
Learn about the scanning process, vulnerability assessment, and AI-powered fixes.
Scanning Process
Coach uses a multi-step process to analyze repositories for security vulnerabilities:
- Repository Cloning: Coach clones the target repository to analyze its contents safely.
- Code Parsing: The code is parsed to identify language-specific patterns and structures.
- Vulnerability Detection: Multiple detection algorithms are applied to identify potential vulnerabilities.
Vulnerability Assessment
Coach categorizes vulnerabilities by severity level to help you prioritize remediation efforts:
- Severe vulnerabilities that require immediate attention
- Important issues that should be fixed soon
- Moderate-risk issues that should be addressed
- Minor issues that pose limited risk
Assessment Criteria
- Exploit Potential: How easily can the vulnerability be exploited?
- Attack Surface: How exposed is the vulnerability to potential attackers?
- Impact: What damage could result from exploiting this vulnerability?
- Prevalence: How common is this vulnerability in the codebase?
AI-Powered Fixes
Coach uses the Gemini API to generate intelligent fixes for detected vulnerabilities:
Vulnerable Code
```python
def process_user_input(user_input):
    # Vulnerable code with SQL injection risk: the input is interpolated
    # directly into the SQL string (db is a DB-API connection or cursor
    # assumed to be in scope)
    query = f"SELECT * FROM users WHERE username = '{user_input}'"
    return db.execute(query)
```
AI-Generated Fix
```python
def process_user_input(user_input):
    # Using a parameterized query to prevent SQL injection: the driver binds
    # user_input as a value, so it can never change the query's structure
    query = "SELECT * FROM users WHERE username = %s"
    return db.execute(query, (user_input,))
```
Explanation
The AI detects the SQL injection vulnerability and generates a fix that uses a parameterized query, so user input is bound as data by the database driver rather than concatenated into the SQL statement.
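A regression check a reviewer can run before accepting an AI-generated fix like the one above, as an added example that is not part of Coach or of the page's own code. It runs the vulnerable and the parameterized version side by side against a constructed in-memory SQLite table; SQLite uses the `?` placeholder style rather than the `%s` style shown above, and the `db` object and table contents are assumptions of this example.

```python
import sqlite3


def make_db():
    # Constructed sample data standing in for the page's `db` object.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com")],
    )
    return conn


def process_user_input_vulnerable(db, user_input):
    # Same defect as the page's "before" snippet: input is interpolated into SQL.
    query = f"SELECT * FROM users WHERE username = '{user_input}'"
    return db.execute(query).fetchall()


def process_user_input_fixed(db, user_input):
    # The page's fix, with sqlite3's 'qmark' placeholder instead of '%s'.
    # The driver binds user_input as a value; it cannot alter the query shape.
    query = "SELECT * FROM users WHERE username = ?"
    return db.execute(query, (user_input,)).fetchall()


def compare(db, user_input):
    """Return (rows from vulnerable version, rows from fixed version).

    A side that fails with a database error (e.g. a stray quote breaking the
    interpolated SQL) reports None, which is itself a finding for the review.
    """
    results = []
    for fn in (process_user_input_vulnerable, process_user_input_fixed):
        try:
            results.append(len(fn(db, user_input)))
        except sqlite3.Error:
            results.append(None)
    return tuple(results)


if __name__ == "__main__":
    db = make_db()
    for probe in ("alice", "o'brien", "' OR '1'='1"):
        print(repr(probe), "->", compare(db, probe))
```

The fix passes review only when the second element never exceeds the first for a legitimate lookup and stays at zero for inputs that widen the vulnerable query's result set.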