AI-Powered Fixes

Rivet uses AI to generate fix suggestions for quantum-vulnerable code findings. Suggestions are provided as diffs for you to review and apply manually.

How It Works

  1. Detection — Code analyzer finds a quantum-vulnerable pattern
  2. Generation — AI generates a replacement using a NIST PQC algorithm
  3. Review — You review the suggested diff
  4. Apply — Apply the changes manually to your codebase

Supported Fix Types

  • RSA key generation → ML-KEM / ML-DSA
  • ECDSA signatures → ML-DSA; ECDH key exchange → ML-KEM
  • Weak hash functions → SHA-3 / BLAKE3
  • Insecure random → OS-level CSPRNG
  • Deprecated TLS configs → TLS 1.3 with PQC cipher suites

Notes

  • Suggestions are provided as guidance only — always review before applying to your codebase
  • Staleness detection — if the file changed since the scan, the suggestion is invalidated and must be regenerated
  • Use Discard to remove a suggestion and start fresh
  • Use Regenerate to produce a new suggestion for the same finding

LLM Configuration

ProviderNotes
Google GeminiDefault — requires a Google AI API key
Anthropic ClaudeRequires an Anthropic API key
OpenAI GPTRequires an OpenAI API key
Custom / On-PremiseOllama, LM Studio, Azure OpenAI, vLLM — for air-gapped or self-hosted deployments (Enterprise)

Configure in Settings → AI Configuration.