PatchyAI — your autonomous security engineer for GitHub repositories.

PatchyAI is an autonomous GitHub App designed to continuously improve repository security by detecting and fixing known vulnerabilities in dependencies and codebases.

PatchyAI listens for explicit developer commands (e.g. @patchyai) and can:
• Scan repositories for known vulnerabilities using trusted vulnerability databases
• Summarize findings in a clear, developer-friendly format
• Automatically create fix branches and open pull requests with recommended patches
• React to follow-up comments to refine or scope fixes

PatchyAI is intent-driven, audit-friendly, and safe by default:
• No actions are taken without explicit user approval
• All changes are made via pull requests
• No sensitive environment or infrastructure details are exposed in comments

Built for modern DevSecOps workflows, PatchyAI integrates seamlessly into GitHub repositories to reduce security debt while keeping developers in control.