# Mobb Vibe Shield (MVS) ## What is Mobb Vibe Shield? **Mobb Vibe Shield (MVS)** is a tool your IDE AI assistant can call to identify and fix security vulnerabilities directly in the editor, as you work. MVS operates via the [Model Context Protocol (MCP)](https://vibe.mobb.ai/SettingUpMCP), allowing it to interact with IDE-integrated AI agents such as GitHub Copilot, Cursor, and others. It supports both scanning and fixing, as well as remote fix retrieval from the Mobb platform. Visit the [Mobb Vibe Shield](https://vibe.mobb.ai/) page to learn more. ## Modes Mobb Vibe Shield supports three primary modes: #### 1. `scan_and_fix_vulnerabilities` Scans recently modified files in your local project and applies fixes inline. * If there are **uncommitted changes**, MVS scans the **last 3 modified files**. * If there are **no uncommitted changes**, it scans files from the **previous commit**. * If the project is **not a Git repository**, it scans the **3 most recently modified files** by timestamp. Scanning is powered by [OpenGrep](https://github.com/opengrep/opengrep). Here is a demo of the `scan_and_fix_vulnerabilities` mode in action: {% embed url="" %} #### 2. `fetch_available_fixes` Checks whether the current repository has a matching fix report in the Mobb platform (e.g., from CI/CD pipelines or prior manual uploads) and applies those fixes to local files. Here is a demo of the `fetch_available_fixes` Mode in action: {% embed url="" %} #### 3. `check_for_new_available_fixes` This mode triggers a continuous monitoring mode where MVS will scan and monitor for available fixes in your project. The first call to this tool starts the scan, and from then on, MVS will automatically scan for new fixes every 15 minutes. This ensures you are always notified of the latest security fixes as soon as they become available. To use this mode effectively, you should add a rulebook to your IDE that instructs the agent to always call `check_for_new_available_fixes` at the end of each session. For example, in VS Code or Cursor, you can create a rulebook file (such as `.github/copilot-instructions.md` or `mvs.mdc`) that includes instructions to always invoke this tool after completing all code changes. For more information on how to deploy rulebooks, see [VS Code guide](https://docs.mobb.ai/mobb-user-docs/getting-started/vs-code-+-github-copilot#deploying-a-rulebook-for-automated-fix-checks) or [Cursor guide](https://docs.mobb.ai/mobb-user-docs/getting-started/cursor#deploying-a-rulebook-for-automated-fix-checks). ## MVS Auto-Fix Mode **NEW!** MVS now includes an **Auto-Fix Mode** that provides continuous, automated security scanning and fixing directly in your IDE without requiring manual intervention or AI assistant commands. ### How to Enable Auto-Fix Mode 1. Login to Mobb 2. Navigate to **Settings** → **User Settings** → **MVS** 3. Check the **"Enable MVS Auto-Fix"** checkbox

### How Auto-Fix Mode Works Once enabled, MVS Auto-Fix Mode will: * **Perform recurring background scans** using OpenGrep to detect security vulnerabilities * **Automatically apply Mobb fixes** to identified issues without interrupting your workflow * **Operate silently** in the background while you code ### Tracking Applied Fixes MVS provides two ways to track and review the fixes that have been automatically applied: #### 1. Comments at the bottom of the file When a fix is applied, Mobb leaves a comment at the bottom of the modified file indicating that an auto-fix has been applied:

#### 2. Patch File Archive MVS creates a `.mobb` folder in your project root directory containing all the patch files that were applied during auto-fix sessions:

This allows you to: * Review exactly what changes were made * Understand the security issues that were fixed * Maintain a complete audit trail of automatic fixes {% hint style="info" %} Note: `.mobb` folder and its contents are automatically added to the `.gitignore` file {% endhint %} ### Benefits of Auto-Fix Mode * **Zero interruption** to your development workflow * **Continuous protection** against security vulnerabilities * **Automatic remediation** of issues as soon as they're introduced * **Complete transparency** with detailed fix tracking * **Seamless integration** with your existing development environment ## Supported IDEs and AI-Assistants MVS integrates with any IDE or AI-assistants that support MCP, including: * **Visual Studio Code** * **Cursor** * **JetBrains IDEs** (IntelliJ, WebStorm, etc.) * **Visual Studio** * **GitLab Duo** * **Tabnine** * **Devin.ai** * **Other AI assistants** that support custom MCP servers ### Next Steps Continue to the Installation Guide to set up Mobb Vibe Shield for your IDE: * [MVS Setup Guide for VS Code + GitHub Copilot](https://docs.mobb.ai/mobb-user-docs/getting-started/mobb-vibe-shield-mvs/vs-code-+-github-copilot) * [MVS Setup Guide for Cursor](https://docs.mobb.ai/mobb-user-docs/getting-started/mobb-vibe-shield-mvs/cursor) * [MVS Setup Guide for Visual Studio 2022 + GitHub Copilot](https://docs.mobb.ai/mobb-user-docs/getting-started/mobb-vibe-shield-mvs/visual-studio-2022-+-github-copilot) * [MVS Setup Guide for IntelliJ IDEA + GitHub Copilot](https://docs.mobb.ai/mobb-user-docs/getting-started/mobb-vibe-shield-mvs/intellij-idea-+-github-copilot) * [MVS Setup Guide for VS Code + GitLab Duo Chat](https://docs.mobb.ai/mobb-user-docs/getting-started/mobb-vibe-shield-mvs/vs-code-+-gitlab-duo-chat) * [MVS Setup Guide for Devin.ai](https://docs.mobb.ai/mobb-user-docs/getting-started/mobb-vibe-shield-mvs/devin.ai) * [MVS Setup Guide for Tabnine Enterprise](https://docs.mobb.ai/mobb-user-docs/getting-started/mobb-vibe-shield-mvs/tabnine-enterprise)