# AI remediation

> **Warning:** This product is in Beta stage and we may release breaking changes. The documentation here matches the release version listed in the table of contents.

`sonar remediate` asks SonarQube Cloud's remediation agent to propose a fix for issues it considers *eligible*. You pick which issues to remediate (interactively or by passing their keys), and the CLI returns the agent's suggested change.

> **Note:** **SonarQube Cloud only.** Remediation is currently available on SonarQube Cloud, against organizations entitled to the Remediation Agent. It is not yet supported on self-hosted SonarQube Server.

## When to use it

* You're triaging issues in an existing project and want an AI-generated starting point for a fix.
* You're running an automation pass over a known set of issue keys (for example, the BLOCKERs reported by `sonar list issues`).
* You're working inside Claude Code or Copilot — the agent can chain `sonar remediate` after `sonar verify` to suggest fixes for new findings.

`sonar remediate` is best used for clearly-scoped, well-defined issues (specific rule violations on a single function, for example). For sweeping refactors, treat the agent's output as a suggestion and review it carefully before applying.

## Prerequisites

* [The SonarQube CLI is installed and authenticated](/sonarqube-cli/quickstart-guide.md) against SonarQube Cloud.
* Your organization is entitled to the SonarQube Remediation Agent.
* You know your project key, or run from a directory where the CLI can auto-detect it.

## Interactive remediation

Run inside the project directory to pick issues from a list:

```bash
sonar remediate --project <YourProjectKey>
```

The CLI fetches the project's *eligible* issues from the server and prompts you to select which ones to remediate. The server decides eligibility—only issues the remediation agent can fix are shown.

## Non-interactive remediation

For scripts and CI/CD, pass the issue keys directly:

```bash
sonar remediate --project <YourProjectKey> --issues key-1,key-2,key-3
```

You can pass up to 20 issue keys per invocation. Get keys from `sonar list issues`:

```bash
sonar list issues --project my-org_my-app --severities BLOCKER --format json \
  | jq -r '.issues[].key' \
  | paste -sd, \
  | xargs -I {} sonar remediate --project my-org_my-app --issues {}
```

> **Note:** When `sonar remediate` runs without a terminal attached (in CI/CD, an SSH session without a TTY, or a CI runner), `--issues` is **required**. The command will fail fast otherwise rather than wait for input.

## What you get back

The remediation agent returns a proposed change. You review it, apply it, edit it, or discard it. The CLI does not push any changes to your repository on its own — you stay in control of what lands.

## Override the project

If auto-detection picks the wrong project (for example, when your repo is mapped to several SonarQube projects), pass `--project` explicitly:

```bash
sonar remediate --project my-org_specific-project
```

## Use it from an AI agent

After you install the [Claude Code](/sonarqube-cli/integrations/claude-code.md) or [GitHub Copilot](/sonarqube-cli/integrations/github-copilot.md) integration, the agent can call `sonar remediate` itself. Example prompt:

*"List the BLOCKER issues in `my-org_my-app`, pick the top three, and run `sonar remediate` on them."*

## Related pages <a href="#related-pages" id="related-pages"></a>

* [Analyzing local changes](/sonarqube-cli/analysis/analyzing-local-changes.md)
* [Secrets scanning](/sonarqube-cli/analysis/secrets-scanning.md)
* [Commands reference](/sonarqube-cli/using-sonarqube-cli/commands.md)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sonarsource.com/sonarqube-cli/analysis/ai-remediation.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.