# Remediation Agent

> **Note:** The SonarQube Remediation Agent is a [Beta](https://docs.sonarsource.com/sonarqube-cloud/appendices/product-release-lifecycle#beta) feature available with the SonarQube Cloud Team (annual) and Enterprise plan accounts. It's free during beta and becomes a paid feature when it moves to [General Availability](https://docs.sonarsource.com/sonarqube-cloud/appendices/product-release-lifecycle#general-availability). For terms and conditions, see [Early Access](https://www.sonarsource.com/legal/early-access/).

## Overview

The SonarQube Remediation Agent helps you fix issues found by SonarQube Cloud in pull requests and in your backlog. It generates fix suggestions for eligible issues and verifies the proposed changes before offering them to you.

This page explains how to enable the agent, manage repository access, and control how it operates in GitHub and SonarQube Cloud.

## Requirements and limitations

* The SonarQube Remediation Agent, when enabled, can make fix suggestions in new PRs on private projects in GitHub.
* Analysis must be enabled on your GitHub repository—either automatic analysis or CI-based analysis.
* Your GitHub organization and repository must be bound to your SonarQube Cloud organization and project.
* The agent can suggest code fixes in the main branch of your backlog and on your pull request for maintainability, reliability, and a select set of security issues found in Java, JavaScript/TypeScript, and Python code. The agent can also suggest fixes for secrets detected in your code.

The following sections list the blocked (unsupported) rules for each language:

### Unsupported Java rules

A small number of rules aren't supported because they're too complex for an LLM to solve.

java:S113

java:S1130

java:S1134

java:S1135

java:S1144

java:S1228

java:S1874

java:S2188

java:S2260

java:S2638

java:S2699

java:S2970

java:S3551

java:S3776

java:S4488

java:S4605

java:S4738

java:S5785

java:S5838

java:S5841

java:S5853

java:S6126

java:S6204

java:S6539

java:S7467

java:S7476

### Unsupported JavaScript rules

A small number of rules aren't supported because they're too complex for an LLM to solve.

javascript:S1134

javascript:S1135

javascript:S1144

javascript:S1529

javascript:S1607

javascript:S2187

javascript:S2234

javascript:S2301

javascript:S2310

javascript:S2870

javascript:S2871

javascript:S2999

javascript:S3776

javascript:S3782

javascript:S3800

javascript:S4123

javascript:S6324

javascript:S6435

javascript:S6440

javascript:S6441

javascript:S6477

javascript:S6478

javascript:S6481

javascript:S6551

javascript:S6594

javascript:S6746

javascript:S6747

javascript:S6748

javascript:S6754

javascript:S6756

javascript:S6757

javascript:S6766

javascript:S6767

javascript:S6774

javascript:S6775

javascript:S6788

javascript:S6790

javascript:S6791

javascript:S6819

javascript:S6957

javascript:S7060

### Unsupported Python rules

A small number of rules aren't supported because they're too complex for an LLM to solve.

python:S930

python:S1134

python:S1135

python:S1144

python:S2638

python:S3699

python:S5632

python:S5655

python:S5756

python:S5864

python:S5886

python:S5899

python:S5906

python:S6243

python:S6553

python:S6709

python:S6741

python:S6974

python:S7487

python:S7512

### Unsupported TypeScript rules

A small number of rules aren't supported because they're too complex for an LLM to solve.

typescript:S107

typescript:S1134

typescript:S1135

typescript:S1144

typescript:S1607

typescript:S1871

typescript:S1874

typescript:S2187

typescript:S2201

typescript:S2234

typescript:S2310

typescript:S2699

typescript:S3579

typescript:S3776

typescript:S3972

typescript:S3981

typescript:S4043

typescript:S4123

typescript:S4144

typescript:S4323

typescript:S4325

typescript:S4335

typescript:S4623

typescript:S4822

typescript:S5850

typescript:S5860

typescript:S6035

typescript:S6324

typescript:S6325

typescript:S6331

typescript:S6353

typescript:S6440

typescript:S6441

typescript:S6477

typescript:S6478

typescript:S6481

typescript:S6535

typescript:S6544

typescript:S6550

typescript:S6551

typescript:S6557

typescript:S6571

typescript:S6582

typescript:S6583

typescript:S6590

typescript:S6594

typescript:S6606

typescript:S6647

typescript:S6747

typescript:S6748

typescript:S6754

typescript:S6756

typescript:S6757

typescript:S6767

typescript:S6775

typescript:S6788

typescript:S6791

typescript:S6957

typescript:S6959

typescript:S7059

typescript:S7060

typescript:S7647

typescript:S7648

typescript:S7649

typescript:S7650

typescript:S7651

typescript:S7652

typescript:S7653

typescript:S7654

typescript:S7655

typescript:S7725

typescript:S7727

typescript:S7729

typescript:S7732

typescript:S7747

typescript:S7754

typescript:S7755

typescript:S7758

typescript:S7767

typescript:S7780

typescript:S7783

### Secrets rules

All Secrets rules are supported.

To avoid noise in your PR comment history, the agent is limited. Currently, the limit is 20 issues; if more than 20 issues are introduced, the agent won’t be triggered.

> **Warning:** The SonarQube Remediation Agent will only work with issues found in one of the supported language types.
>
> Once enabled in SonarQube Cloud, any of your GitHub repositories can add the SonarQube Remediation Agent as a GitHub App, regardless of the language type.
>
> SonarQube Cloud may find issues in a repository with an unsupported language (for example, C++), but the agent won't be triggered in a pull request because C++ isn't a supported language.

## Sharing your code with Sonar

If you use the SonarQube Remediation Agent, the agent sends the affected code snippet to an LLM to generate a fix suggestion. These suggestions are verified by Sonar before being offered as an issue fix. Service agreements with Sonar’s LLMs prevent your code from being used to train those models, and your code isn’t stored by the LLM provider or any third party.

For terms and conditions, see [Early Access terms](https://www.sonarsource.com/legal/early-access/) in our [Legal documentation](https://www.sonarsource.com/legal/).

## Enable your agent

1. Enable analysis on your GitHub repository project. Use either automatic analysis or CI-based analysis. If your project isn’t already bound to the GitHub repository, complete that binding before you install the agent.
2. Navigate to *Your SonarQube Cloud Organization* > **Administration** > **AI capabilities** > **AI agent**.
3. A GitHub administrator needs to install the [SonarQube Agent GitHub app](https://github.com/apps/sonarqube-agent). Under **Install app**, select **GitHub**. The administrator will be prompted to install the app on the GitHub organization already linked to your SonarQube Cloud organization. If installed, the agent will be granted:
   * Read and write access to code and pull requests
   * Read-only access to issues and metadata
4. Choose either **All repositories** or **Only select repositories** to control which repositories the AI agent can access. Once you’ve made your selection, select **Install & Authorize** to finish the setup. The installation may take a few seconds to complete. After setup, the **AI agent** > **Enable agent** > **Pull request fixes** and **Backlog fixes** options will be automatically selected in SonarQube Cloud. You’ll be able to commit the agent’s suggestions directly from your PRs and the **Assign to Agent** button will be available on the **Issues** page for selected projects.
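
To confirm that the installed app holds only the access listed in step 3, and to see whether it was installed on all repositories, you can audit the installation record that GitHub's `GET /orgs/{org}/installations` endpoint returns for your organization. The following is an added example, not Sonar's code; it assumes the "code" access named above corresponds to GitHub's `contents` permission key, and the sample response is constructed.

```python
import json

# Grants the page lists for the SonarQube Agent app, expressed with GitHub's
# permission keys (assumption: "code" corresponds to the "contents" permission).
EXPECTED = {"contents": "write", "pull_requests": "write",
            "issues": "read", "metadata": "read"}
RANK = {"read": 1, "write": 2, "admin": 3}

# Constructed sample shaped like a GET /orgs/{org}/installations response.
SAMPLE = json.loads("""
{"installations": [
  {"app_slug": "sonarqube-agent", "repository_selection": "all",
   "permissions": {"contents": "write", "pull_requests": "write",
                   "issues": "write", "metadata": "read", "workflows": "write"}},
  {"app_slug": "some-other-app", "repository_selection": "selected",
   "permissions": {"metadata": "read"}}
]}
""")

def audit_installation(inst, expected=EXPECTED):
    """Return findings where the granted access differs from the documented set."""
    findings = []
    granted = inst.get("permissions", {})
    for name, level in sorted(granted.items()):
        want = expected.get(name)
        if want is None:
            findings.append(f"unexpected permission {name}={level}")
        elif RANK.get(level, 99) > RANK[want]:
            findings.append(f"{name} is {level}, documented as {want}")
    for name, want in sorted(expected.items()):
        if name not in granted:
            findings.append(f"missing documented permission {name}={want}")
    if inst.get("repository_selection") == "all":
        findings.append("app can access all repositories, not a selected set")
    return findings

def audit(response, slug="sonarqube-agent"):
    """Audit the installation whose app_slug matches; report if it is absent."""
    for inst in response.get("installations", []):
        if inst.get("app_slug") == slug:
            return audit_installation(inst)
    return [f"{slug} is not installed"]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Replace `SAMPLE` with the JSON your organization's endpoint returns; an empty result means the installation matches the documented grants and is scoped to selected repositories.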

## Manage agent access

The SonarQube Remediation Agent only has access to the bound repositories defined in GitHub. To change repository access, a GitHub administrator who is also a SonarQube Cloud Administrator can navigate in SonarQube Cloud to *Your Organization* > **Administration** > **AI capabilities** > **AI agent**. Under **Install app**, select **Manage Permissions**, which takes you to your GitHub Apps page.

Alternatively, a GitHub administrator can navigate in GitHub to *Your GitHub Organization* > **Settings** > **Third-party Access** > **GitHub Apps**. Under **Installed GitHub Apps** > **SonarQube Agent**, select **Configure**.

* In GitHub, under **SonarQube Agent** > **Repository access**, add or remove your repositories from the list. When finished, select **Save** to confirm your selection.

### Disable or suspend agent access

You can disable the SonarQube Remediation Agent in SonarQube Cloud or in GitHub.

A SonarQube Cloud Administrator can navigate to *Your Organization* > **Administration** > **AI capabilities** > **AI agent** > **Enable agent** and unselect **Remediation agent**. After you select **Save**, the agent won't be triggered in GitHub.

To suspend or uninstall SonarQube Agent completely, navigate in GitHub to *Your GitHub Organization* > **Third-party Access** > **GitHub Apps** > **SonarQube Agent** > **Danger zone** and select **Suspend** or **Uninstall**.

* **Suspend** will block the agent’s access to your repositories. This is the easiest way to restart the agent when you’re ready.
* If you select and confirm **Uninstall**, the SonarQube Agent will be removed from all of your repositories and from your SonarQube Cloud Organization. The agent's activity will remain in your PR history, but if you want to use the agent again, you must return to [Enable your agent](#enable-your-agent).

## Agent behavior

The SonarQube Remediation Agent makes changes to pull requests in GitHub when triggered by a failing quality gate. It also fixes issues from your backlog when you select **Assign to Agent** on the Issues page.

* **Pull request fixes**: When your quality gate fails during PR analysis, the **Quality Gate failed** comment includes a **Fix automatically** checkbox. Select it to trigger the agent, which generates fixes and opens a separate PR targeting your branch. Its behavior and how to engage with it are described on [Pull request fix suggestions](/agent-centric-development-cycle/how-to-guides/solve-issues/pull-request-fix-suggestions.md).
* **Backlog fixes**: Select issues from your main branch and assign them to the agent. It opens a new PR in GitHub and groups the fixes you assign by rule key and file. For details, see [Backlog fix suggestions](/agent-centric-development-cycle/how-to-guides/solve-issues/backlog-fix-suggestions.md).


