Skip to main content

In this article

Patching Detected Vulnerabilities with Factory AI and Snyk Studio

Written by
Headshot of Stephen Thoemmes

Stephen Thoemmes

0 mins read

Programming with Factory AI’s Droids feels great. It’s cohesive, it’s smooth, it’s juicy; it feels like playing a game. One can sense their commitment to this ideal not just in their UI, but also in their partnerships – one key integration being with Linear (which is Jira’s younger competitor with a reputation for enriched UX via reactive web app animations and keyboard shortcuts). If tools like Claude Code, OpenAI Codex, and Gemini CLI are an offline Word document, then Factory AI’s offering is an online Google Drive built from the start with collaborative teams in mind. 

Their developer journey includes a well-made tutorial built into their website, which guides you step by step to:

  • Download the Factory CLI 

  • Add the Droid IDE Extension to VS-Code or your fork of choice (i.e., Cursor or WindSurf)

  • Give your Droid (Factory AI’s specialized AI Agents) its first task, in the browser or in the IDE.

If you’re on Linux, you can install the Factory CLI like so:

curl -fsSL https://app.factory.ai/cli | sh

The extension for VSCode is available here. Once installed, you can use `Ctrl-Shift-P` to open the Command Palette and select Run Factory Droid.

What’s in a Droid?

Factory AI offers specialized AI agents for a breadth of common software development tasks. These are referred to as Droids

  • Code Droid: Go from idea to merge-ready code changes. Write new features or components with clear requirements, leveraging Code Droid's ability to understand your codebase and implement functionality that follows your project's patterns and best practices. Improve existing code by identifying complex or inefficient patterns and transforming them into cleaner, more maintainable solutions while preserving functionality and enhancing performance. Analyze error logs, identify root causes, and develop fixes for bugs in your codebase. Create comprehensive unit tests to ensure code reliability and prevent regressions in your applications.

  • Knowledge Droid: Engineering research, technical documentation, and onboarding guides. Generate comprehensive documentation for your codebase, including API references, architecture overviews, and component relationships to improve team understanding and onboarding. Get clear explanations of complex systems, architectural decisions, and implementation details within your projects to help team members understand how different components interact. Quickly find and extract specific information from your codebase and documentation, saving time when looking for implementation details or understanding particular features.

  • Reliability Droid: Investigate incidents, write RCAs, and debug complex multi-service systems. Analyze production incidents by examining error logs, metrics, and system behavior to quickly identify patterns and potential causes of outages or performance degradation. Create comprehensive Root Cause Analysis documents that include timeline, impact assessment, root cause identification, and preventative measures to share with stakeholders. Develop robust error handling mechanisms, including circuit breakers, retry logic, and graceful degradation patterns to improve system resilience and prevent cascading failures.

  • Product Droid: Plan features, create PRDs, and manage your projects. Generate detailed Product Requirements Documents with feature overviews, user stories, acceptance criteria, technical considerations, and implementation phases for new product features. Create comprehensive user stories with detailed acceptance criteria for different user types and scenarios, helping development teams understand feature requirements from the user perspective. Analyze feature requests and develop prioritization frameworks with impact vs. effort assessments to help product teams make informed decisions about implementation order.

This contemporary approach to AI agents – to offer a library of pre-built and specialized agents – allows users to make the most of their LLMs’ limited context windows. While the singular agent offered by tools like Claude Code, OpenAI Codex, and Gemini CLI “can” be versatilely applied to a similar breadth of tasks, Factory AI has put the time into providing developers with an agent that can do so with expert management of its context for its very particular purpose. That’s not to exclude the general-purpose Droid that is also included in their library, which you can of course rely on for any purpose not covered by the specially prepared set of Droids. 

Happily, Factory AI does not lock you into any single LLM vendor. The most well-known vendors are readily available (see below). And for LLMs with unique variants for things like reasoning, you can easily make your choice in the same UI dialog.

MCP support

Similar to other AI agent CLIs, Droid CLI offers fantastic Model Context Protocol (MCP) support. Adding your favorite MCP server is easy.

For example, the official Snyk MCP Server can be added like so :

droid mcp add --type stdio SNYK "snyk mcp -t stdio"
Added stdio MCP server SNYK with command: snyk mcp -t stdio

But what can we do with this? What would be the benefit of extending the toolset available to an already-capable Droid? Support for running shell commands, reading, writing, and editing files is already built in. 

Using AI agents (Droids) to automatically patch vulnerabilities

For this example, I’ve cloned OWASP Project Leader adeyosemanputra’s pyGoat repository. This project intentionally includes a series of well-documented vulnerabilities for educational purposes. Here are some of the vulnerabilities highlighted by Snyk’s own IDE extension:

We can also ask Droid to use the MCP server to list some of those same vulnerabilities. See:

>  Please run a code scan on the codebase with Snyk.

⛬  I'll help you run a Snyk code scan on the pygoat codebase. Let me first check the
   authentication status and then perform the scan.

 PLAN   Updated: 3 total (2 pending, 1 in progress, 0 completed)

 ○ Check Snyk authentication status
 ○ Run Snyk code scan on pygoat codebase
 ○ Review and report scan results

 [MCP] SNYK:SNYK_AUTH_STATUS 
 ↳stephen.thoemmes

⛬  Great! You're authenticated as stephen.thoemmes. Now I'll run the Snyk code scan on
    the pygoat codebase to identify security vulnerabilities.

 PLAN   Updated: 3 total (1 pending, 1 in progress, 1 completed)

 ○ Check Snyk authentication status
 ○ Run Snyk code scan on pygoat codebase
 ○ Review and report scan results

 [MCP] SNYK:SNYK_CODE_SCAN  (/home/owler/Documents/Snyk/factory/pygoat)
 Testing /home/owler/Documents/Snyk/factory/pygoat ...

  ✗ [Low] Use of Hardcoded Credentials 
    Path: introduction/playground/A9/api.py, line 17 
    Info: Do not hardcode credentials in code. Found hardcoded credential used in a 
 condition.


  ✗ [High] SQL Injection 
    Path: introduction/views.py, line 871 
    Info: Unsanitized input from an HTTP parameter flows into 
 introduction.models.sql_lab_table.objects.raw, where it is used in an SQL query. This 
 may result in an SQL Injection vulnerability.


 ✔ Test completed

 Organization:      stephen.thoemmes
 Test type:         Static code analysis
 Project path:      /home/owler/Documents/Snyk/factory/pygoat

 Summary:

   101 Code issues found
   15 [High]   44 [Medium]   42 [Low] 

 PLAN   Updated: 3 total (0 pending, 0 in progress, 3 completed)

 ○ Check Snyk authentication status
 ○ Run Snyk code scan on pygoat codebase
 ○ Review and report scan results

⛬  The Snyk code scan has completed successfully! Here's a summary of the security
   findings:

   Scan Results Summary

   Total Issues Found: 101
   •  15 High severity vulnerabilities
   •  44 Medium severity vulnerabilities
   •  42 Low severity vulnerabilities

   Key High-Severity Issues Found:
   1. SQL Injection - Multiple instances in views.py
   2. Code Injection - eval() usage with unsanitized input
   3. Command Injection - subprocess.Popen with unsanitized input
   4. Path Traversal - File operations with unsanitized paths
   5. XML External Entity (XXE) Injection - Insecure XML parsing
   6. Deserialization vulnerabilities - pickle.loads and yaml.load with untrusted data
   7. Hardcoded cryptographic keys - JWT keys hardcoded in source
   8. Hardcoded secrets - Non-cryptographic secrets in code

   Medium/Low Severity Issues:
   •  Hardcoded passwords and credentials
   •  CSRF protection disabled on multiple endpoints
   •  Insecure cookie configurations (missing HttpOnly/Secure flags)
   •  Weak hashing algorithms (MD5)
   •  Debug mode enabled in production
   •  SSRF vulnerabilities

   This is a comprehensive security assessment showing that pygoat (being a
   deliberately vulnerable application for educational purposes) contains numerous
   intentional security flaws across all severity levels, making it an excellent
   training platform for learning about web application security vulnerabilities.

Finally, with the Code Droid selected, we can ask the LLM to patch one of these high-priority vulnerabilities. 

>  ✗ [High] SQL Injection 
       Path: introduction/views.py, line 871 
       Info: Unsanitized input from an HTTP parameter flows into 
    introduction.models.sql_lab_table.objects.raw, where it is used in an SQL query. 
   This 
    may result in an SQL Injection vulnerability. Can you fix this vulnerability and 
   then re-scan to show that it is fixed?

⛬  I'll help you fix the SQL injection vulnerability on line 871 in
   introduction/views.py and then re-scan to verify the fix. Let me first examine the
   vulnerable code.

 PLAN   Updated: 3 total (2 pending, 1 in progress, 0 completed)

 ○ Examine SQL injection vulnerability on line 871 in views.py
 ○ Fix the SQL injection vulnerability using parameterized queries
 ○ Re-run Snyk scan to verify the fix

 READ  (introduction/views.py, offset: 860, limit: 20)
 ↳ Read 22 lines.

⛬  Let me see more context around the vulnerable code to understand how the SQL query
   is constructed:

 READ  (introduction/views.py, offset: 840, limit: 40)
 ↳ Read 42 lines.

⛬  Now I can see the vulnerability clearly. The SQL query on line 855 is constructed
   by directly concatenating user input without sanitization. Let me also check the
   imports to see what model is being used:

 GREP  ("from.*models import|import.*mo...", content mode)
 ↳ Read 1 line.

 GREP  ("sql_lab_table", content mode)
 ↳ Read 7 lines.

⛬  Perfect! Now I understand the vulnerability. The code is directly concatenating
   user input (name and password) into the SQL query string, making it vulnerable to
   SQL injection. Let me fix this by using parameterized queries:

 PLAN   Updated: 3 total (1 pending, 1 in progress, 1 completed)

 ○ Examine SQL injection vulnerability on line 871 in views.py
 ○ Fix the SQL injection vulnerability using parameterized queries
 ○ Re-run Snyk scan to verify the fix

 EDIT  (introduction/views.py)
 ↳ Succeeded. File edited. (+3 added, -2 removed)

 ╭───────────────────────────────────────────────────────────────────────────────╮
 │ 854 │  854           print(password)                                          │
 │ 855 │  855                                                                    │
 │ 856 │  856           if name:                                                 │
 │ 857 │      -             sql_query = "SELECT * FROM introduction_sql_lab_tabl…│
 │     │  857 +             # Fixed SQL injection by using parameterized query   │
 │     │  858 +             sql_query = "SELECT * FROM introduction_sql_lab_tabl…│
 │ 858 │  859                                                                    │
 │ 859 │  860               sql_instance = sql_lab_table(id="admin", password="6…│
 │ 860 │  861               sql_instance.save()                                  │
 │                                                                               │
 │... 7 unchanged lines ...                                                      │
 │                                                                               │
 │ 868 │  869               print(sql_query)                                     │
 │ 869 │  870                                                                    │
 │ 870 │  871               try:                                                 │
 │ 871 │      -                 user = sql_lab_table.objects.raw(sql_query)      │
 │     │  872 +                 user = sql_lab_table.objects.raw(sql_query, [nam…│
 │ 872 │  873                   user = user[0].id                                │
 │ 873 │  874                   print(user)                                      │
 │ 874 │  875                                                                    │
 ╰───────────────────────────────────────────────────────────────────────────────╯

⛬  Great! I've successfully fixed the SQL injection vulnerability by:

   1. Changing the SQL query construction: Instead of directly concatenating user
      input into the SQL string, I'm now using parameterized query placeholders (%s)
   2. Using parameterized execution: The raw() method now receives the parameters as a
       separate list [name, password], which ensures proper escaping and prevents SQL
      injection

   Now let's run the Snyk scan again to verify that this specific vulnerability has
   been fixed:

 PLAN   Updated: 3 total (0 pending, 1 in progress, 2 completed)

 ○ Examine SQL injection vulnerability on line 871 in views.py
 ○ Fix the SQL injection vulnerability using parameterized queries
 ○ Re-run Snyk scan to verify the fix

 [MCP] SNYK:SNYK_CODE_SCAN  (/home/owler/Documents/Snyk/factory/pygoat)
 Testing /home/owler/Documents/Snyk/factory/pygoat ...

  ✗ [Low] Use of Hardcoded Credentials 
    Path: introduction/playground/A9/api.py, line 17 
    Info: Do not hardcode credentials in code. Found hardcoded credential used in a 
 condition.


  ✗ [High] Hardcoded Non-Cryptographic Secret 
    Path: pygoat/settings.py, line 25 
    Info: Avoid hardcoding values that are meant to be secret. Found a hardcoded string 
 used in here.

 ✔ Test completed

 Organization:      stephen.thoemmes
 Test type:         Static code analysis
 Project path:      /home/owler/Documents/Snyk/factory/pygoat

 Summary:

   100 Code issues found
   14 [High]   44 [Medium]   42 [Low] 

 PLAN   Updated: 3 total (0 pending, 0 in progress, 3 completed)

 ○ Examine SQL injection vulnerability on line 871 in views.py
 ○ Fix the SQL injection vulnerability using parameterized queries
 ○ Re-run Snyk scan to verify the fix

⛬  Perfect! The fix has been successfully verified. Here's what happened:

   ✅ SQL Injection Vulnerability Fixed!

   Before the fix:
   •  101 total issues (15 High, 44 Medium, 42 Low)
   •  SQL Injection vulnerability at introduction/views.py, line 871

   After the fix:
   •  100 total issues (14 High, 44 Medium, 42 Low)
   •  The SQL injection vulnerability is no longer reported ✅

   Summary of the Fix

   I successfully fixed the SQL injection vulnerability by:

   1. Replaced vulnerable string concatenation:
      ```python
      # BEFORE (vulnerable):
      sql_query = "SELECT * FROM introduction_sql_lab_table WHERE id='"+name+"'AND
   password='"+password+"'"
      user = sql_lab_table.objects.raw(sql_query)
      ```

   2. With secure parameterized query:
      ```python
      # AFTER (secure):
      sql_query = "SELECT * FROM introduction_sql_lab_table WHERE id=%s AND
   password=%s"
      user = sql_lab_table.objects.raw(sql_query, [name, password])
      ```

   The Snyk scan now shows 1 fewer issue (from 101 to 100), confirming that the
   specific SQL injection vulnerability on line 871 has been eliminated. The fix uses
   Django's built-in parameter binding which automatically escapes user input and
   prevents SQL injection attacks.

This demonstrates the potential for a new paradigm in DevSecOps workflows. Rather than security being a separate, often delayed concern, we can now integrate vulnerability detection and remediation directly into the development process. The combination of Factory AI's specialized agents with MCP servers like Snyk’s means that security issues can not only be identified but also swiftly fixed and re-verified for correctness—all within the same interface where developers are already working.

Next steps with Factory AI and Snyk Studio

As MCP adoption grows and more security tools develop MCP servers, we can envision Droids that not only patch vulnerabilities but also generate security tests, update documentation to reflect security fixes, and even create tickets for manual review of complex issues. The modular nature of both Factory's Droid system and the MCP protocol means these capabilities can evolve independently while remaining interoperable.

For teams looking to implement similar workflows, the setup is straightforward: install the Factory CLI, add your preferred MCP servers, and start patching vulnerabilities to build confidence in the automated patching process. The key is treating AI agents as force multipliers for your security team rather than replacements—they excel at handling the routine, well-understood fixes while humans focus on the novel security challenges that require creative problem-solving.

Want to learn more about securing the MCP Server ecosystem? Download our Ebook today.

EBOOK

Securing the MCP Servers Ecosystem

Explore emerging attack paths and unpack real-world incidents to show how to defend against them with practical, flow-aware strategies.

Download Ebook