AI Remediation

A finding is only useful if it gets fixed. AI Remediation is the generator that takes an Escape finding, reads the code it points at, and drafts a concrete patch tuned for your framework, your style, and the exact security control that's missing.

What You Get

For every finding with a fixable root cause, Escape produces:

  • A code-level explanation of why the bug fires, written against the file and function the request touched.
  • A tailored patch as a diff: new lines to add, lines to change, and the minimum surrounding context to apply it.
  • Framework awareness: the patch uses your framework's idioms. Django findings get Django middleware, Spring findings get Spring Security, Express findings get a middleware handler.
  • Test suggestions: where the code already has a test suite, the patch includes a test that pins the fix so the regression never ships again.

How It Reaches Engineers

Three delivery paths, pick whichever fits your workflow:

  1. IDE integration: see IDE Integrations. Engineers get the patch in Cursor, Claude Code, Gemini, or any MCP-aware client, right next to the code they're editing.
  2. Escape Copilot: see Escape Copilot. A chat-style interface that answers questions about the finding and hands back patches on request.
  3. Pull-request comments: when Escape is wired into CI, the patch gets posted as a review comment on the MR that introduced the regression.

What AI Remediation Is Not

  • Not a silver bullet: architectural bugs (missing authorization layer, wrong trust boundary) need human judgment. AI Remediation flags them and hands back context, not a patch.
  • Not autonomous: no patch is applied automatically. Every fix is proposed and has to be accepted by a human.
  • Not a replacement for code review: the patch is a starting point, not a merge.