Docs
DocsAPICLIGlossary
Launch App
User Guides
Product Guides
ComplianceSecurityQualitySBOM Managementfossabot
Get Started
Project Setup
Release Groups
Issues
Licenses
Vulnerabilities
Quality
SBOM
Policies
Reports
FOSSA CLI
API Reference
Integrations
fossabot
Organization Management
On-Premises Deployment
Help & Support
Legal
Get Supportfossa.com
DocsProduct Guidesfossabot

fossabot

The FOSSA AI agent for dependency upgrades, SAST security review, and AI code guardrails.

4 min read
Prerequisites: Your GitHub or GitLab repositories connected to fossabot at bot.fossa.com.

Start here

For Developers

Step-by-step onboarding path

What's inside

Setup

Connect fossabot to your GitHub or GitLab repositories.

Read more

Dependency Upgrades

Propose strategic dependency updates, group related ones, and fix breaking changes.

Read more

SAST Security Review

Review the code changed in a pull request for security issues.

Read more

AI Guardrails

Flag AI-generated code with problematic license obligations before it merges.

Read more

Supported Ecosystems & Tools

Language support and private registry configuration.

Read more

Key concepts

System Architecture

The data sources fossabot uses and the security boundaries between analysis steps.

Tips for Continuous Integration

How fossabot uses your CI results to make better decisions.

© 2026 FOSSA, Inc.support@fossa.com