mobb-vulnerabilities-fixer

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

Mobb Vulnerabilities Fixer

Mobb漏洞修复工具

Overview

概述

Use Mobb MCP scan-and-fix behavior to identify security issues in a local repo and apply the generated patches. Follow the MCP workflow exactly, including file selection, pagination, and rescan rules.

使用Mobb MCP的扫描修复功能识别本地仓库中的安全问题并应用生成的补丁。严格遵循MCP工作流，包括文件选择、分页和重新扫描规则。

Workflows

工作流

Scan and Fix (default)

扫描与修复（默认）

Confirm target repository path. Use an absolute path to the repository root. Reject paths with traversal patterns. If the user gives
```
.
```
and a workspace root is known, use it.
Ensure Mobb authentication is available. Prefer
```
API_KEY
```
in the environment. If missing or invalid, inform the user a browser window will open for Mobb login and authorization, then proceed once authenticated. If the user has no account, instruct them to create one and generate an API key. See
```
references/mobb-auth.md
```
.
Require MCP to be already running. Do not install or launch MCP yourself. Ask the user to start the Mobb MCP server on their machine using their approved process and confirm it is running before you proceed.
Execute MCP scan-and-fix. Invoke the MCP tool
```
scan_and_fix_vulnerabilities
```
with the repository path. Use optional parameters only when the user explicitly asks.

Required parameter:

```
path
```
: absolute path to the repository root

Optional parameters:

```
offset
```
: pagination offset for additional fixes
```
limit
```
: maximum number of fixes to return (default is 3)
```
maxFiles
```
: scan up to N recently changed files (default is 10); setting this triggers a fresh scan
```
rescan
```
: force a full rescan; only when user explicitly asks
```
scanRecentlyChangedFiles
```
: when true and no git changes are found, scan recently changed files from history

Apply returned fixes only with explicit user consent. If the tool returns patches, summarize what will change and ask the user to confirm before applying. Apply patches exactly as provided, modify nothing else, and explain after applying. If a patch cannot be applied, report the exact conflict and continue with others the user approved.
Never auto-rescan or auto-page. Do not rescan or fetch additional pages of fixes unless the user explicitly asks. If more fixes are available, inform the user how to request the next page.

确认目标仓库路径。使用仓库根目录的绝对路径。拒绝包含遍历模式的路径。如果用户提供“.”且已知工作区根目录，则使用该根目录。
确保Mobb认证可用。优先使用环境变量中的
```
API_KEY
```
。如果缺失或无效，告知用户将打开浏览器窗口进行Mobb登录和授权，待认证完成后再继续。如果用户没有账户，指导其创建账户并生成API密钥。详见
```
references/mobb-auth.md
```
。
要求MCP已处于运行状态。请勿自行安装或启动MCP。请用户使用其认可的流程在本地启动Mobb MCP服务器，并在继续前确认服务器已运行。
执行MCP扫描与修复。调用MCP工具
```
scan_and_fix_vulnerabilities
```
并传入仓库路径。仅当用户明确要求时才使用可选参数。

必填参数：

```
path
```
：仓库根目录的绝对路径

可选参数：

```
offset
```
：获取更多修复方案的分页偏移量
```
limit
```
：返回的最大修复方案数量（默认值为3）
```
maxFiles
```
：扫描最多N个最近变更的文件（默认值为10）；设置此参数将触发全新扫描
```
rescan
```
：强制进行完整重新扫描；仅当用户明确要求时使用
```
scanRecentlyChangedFiles
```
：当值为true且未检测到git变更时，扫描历史记录中最近变更的文件

仅在获得用户明确同意后应用返回的修复方案。如果工具返回补丁，总结即将进行的变更并请求用户确认后再应用。严格按照提供的内容应用补丁，不得修改其他任何内容，应用完成后进行说明。如果某个补丁无法应用，报告确切的冲突情况，继续应用用户已批准的其他补丁。
切勿自动重新扫描或自动分页。除非用户明确要求，否则请勿重新扫描或获取更多页的修复方案。如果存在更多修复方案，告知用户如何请求下一页。

Fetch Available Fixes (summary only)

获取可用修复方案（仅摘要）

Use when the user wants a summary of available fixes without uploading/scanning or applying patches.

Call

fetch_available_fixes

with:

```
path
```
: absolute path to the repo root
```
offset
```
and
```
limit
```
: optional pagination
```
fileFilter
```
: optional list of relative paths to filter fixes
```
fetchFixesFromAnyFile
```
: optional boolean to fetch fixes for all files

fileFilter

and

fetchFixesFromAnyFile

are mutually exclusive. If neither is provided, the tool filters to files with git status changes.

当用户希望获取可用修复方案的摘要而不进行上传/扫描或应用补丁时使用此功能。

调用

fetch_available_fixes

并传入：

```
path
```
：仓库根目录的绝对路径
```
offset
```
和
```
limit
```
：可选分页参数
```
fileFilter
```
：可选的相对路径列表，用于过滤修复方案
```
fetchFixesFromAnyFile
```
：可选布尔值，用于获取所有文件的修复方案

fileFilter

和

fetchFixesFromAnyFile

互斥。如果两者均未提供，工具将过滤出有git状态变更的文件。

Check for New Available Fixes (monitoring)

检查新的可用修复方案（监控）

Call

check_for_new_available_fixes

once at the end of a session after edits/tests, or when the user explicitly asks to check for fresh fixes.

Behavior notes:

Requires a local git repo with an
```
origin
```
remote.
If auto-fix is enabled, fixes may be applied automatically; tell the user to review and commit changes.
It may return "initial scan in progress" or "no fresh fixes" depending on timing.

在会话结束后的编辑/测试完成后，或当用户明确要求检查新修复方案时，调用

check_for_new_available_fixes

。

行为说明：

需要带有
```
origin
```
远程仓库的本地git仓库。
如果启用自动修复，修复方案可能会自动应用；告知用户需查看并提交变更。
根据时间情况，可能会返回“初始扫描进行中”或“无新修复方案”。

File Selection Rules (scan_and_fix_vulnerabilities)

文件选择规则（scan_and_fix_vulnerabilities）

If the path is a valid git repo, scan only changed/staged files by default.
If no changes are found and
```
scanRecentlyChangedFiles
```
is true (or
```
maxFiles
```
is set), scan recently changed files from git history.
If not a git repo, scan recently changed files in the directory.
Exclude files larger than 5 MB.

如果路径是有效的git仓库，默认仅扫描已变更/暂存的文件。
如果未检测到变更且
```
scanRecentlyChangedFiles
```
为true（或已设置
```
maxFiles
```
），扫描git历史记录中最近变更的文件。
如果不是git仓库，扫描目录中最近变更的文件。
排除大于5 MB的文件。

No-Changes Case

无变更情况

If no changed files are detected, explain the situation and offer a follow-up scan using

scanRecentlyChangedFiles

and/or

maxFiles

, but do not run it unless explicitly requested.

如果未检测到已变更文件，说明情况并提供使用

scanRecentlyChangedFiles

和/或

maxFiles

进行后续扫描的选项，但除非明确请求，否则不要运行该扫描。

Resources

资源

```
references/mcp-scan-fix.md
```
: MCP scan-and-fix, fetch, and monitoring tool details
```
references/mobb-auth.md
```
: authentication and login flow details

```
references/mcp-scan-fix.md
```
：MCP扫描修复、获取和监控工具的详细信息
```
references/mobb-auth.md
```
：认证和登录流程的详细信息