> For the complete documentation index, see [llms.txt](https://help.aikido.dev/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://help.aikido.dev/autofix-and-remediation/scope/ai-autofix-for-containers.md).

# AutoFix for Containers

The goal is simple: fix more, faster—with less noise. AI Autofix helps you patch container vulnerabilities in bulk by suggesting safe, reviewable Dockerfile updates.

### In Short <a href="#in-short" id="in-short"></a>

* **Base Image Updates:** When vulnerabilities are found in a container's base image, Autofix suggests update options—patch, minor, or major.
* **Multiple Patch Options**: Get 3–5 Dockerfile variants, each tied to a different base image. For each, see which vulnerabilities are fixed—and if any new ones are introduced.
* **Extended Lifecycle Support Images:** When available, AutoFix will propose an Aikido-maintained version of the base image where **HIGH** and **CRITICAL** severity issues have been remediated. [Learn more](/autofix-and-remediation/scope/autofix-for-containers-using-hardened-images.md) about using ELS images.
* **Use Your Judgment**: Major updates often fix more, but may require manual changes. Choose what fits your stack best.

### Key Features of AI Autofix for Containers <a href="#key-features-of-ai-autofix-for-containers" id="key-features-of-ai-autofix-for-containers"></a>

* **Preview Changes Before You Fix:** Review detailed previews of AI-generated fixes before implementing them.
* **Create Pull Requests (PRs):** Generate pull requests directly in your Source Control Management (SCM) system

<figure><img src="/files/vl9iY3JXIGUheIW6BpoV" alt=""><figcaption></figcaption></figure>

***

Good to Know

* **Processing Time:** It can take up to 5 minutes for Autofix to generate suggestions, as it scans all potential base image updates for vulnerabilities.
* **Public and Private Base Images**: Container Autofix can update both public base images and private base images. The private base images need to be scanned by Aikido. Supported registries for private base images are: Docker Hub, GitHub Container Registry, AWS Elastic Container Registry, Azure Container Registry, GCP Container Registry.
* **Dockerfile Linking**: We auto-detect the Dockerfile from your repo. If there’s ambiguity, you’ll be asked to set the correct path in the UI.
* **Privacy First**: code snippets are sent securely to AWS Bedrock via encrypted channels. Neither Aikido **nor** [AWS Bedrock](https://aws.amazon.com/bedrock/security-compliance/) use your code for training or fine-tuning AI models.

### How to use the AI Autofix functionality <a href="#how-to-use-the-ai-autofix-functionality" id="how-to-use-the-ai-autofix-functionality"></a>

* **Step 1**. **Go to the** [**Container Autofix Page**](https://app.aikido.dev/issues/fix/container)[.](https://app.aikido.dev/issues/fix/sast)

  See a list of containers with the option to **View Fix**. If a container isn’t linked to a repo, or if the Dockerfile path is unclear, you’ll be prompted to configure it manually.

  <figure><img src="/files/d8l219xHi8lMTUzG72Gu" alt=""><figcaption></figcaption></figure>
* **Step 2.** **Review and Select a Patch Option**

  Each option shows what it fixes and if it introduces new issues. Pick the one that fits your setup.

<figure><img src="/files/SXAs80YeVVqWHQtcnE8A" alt=""><figcaption></figcaption></figure>

* **Step 3. Create PR**

  Autofix generates a pull request directly in your SCM with the updated Dockerfile.

***


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://help.aikido.dev/autofix-and-remediation/scope/ai-autofix-for-containers.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.