Alphabet Inc.’s Google DeepMind lab shared results for CodeMender, an AI-powered agent that automatically detects, patches and rewrites vulnerable code to prevent future exploits. The aim is to debug and repair complex security flaws autonomously across massive codebases. While still only in a research phase, CodeMender has already submitted 72 security fixes to open-source projects, including some spanning more than 4.5 million lines of code. According to DeepMind, CodeMender helps developers and maintainers focus on what they do best — building good software — by automatically creating and applying high-quality security patches.

CodeMender is designed to be both reactive and proactive: it patches discovered vulnerabilities as they are found and also rewrites existing code to eliminate entire classes of flaws. In one example, the agent applied “-fbounds-safety” annotations to the libwebp image compression library, the same library exploited in a 2023 zero-click iOS attack. In doing so, it rendered similar buffer overflow vulnerabilities “unexploitable forever,” according to DeepMind researchers.

Under the hood, CodeMender uses a suite of tools including static and dynamic analysis, fuzzing, symbolic reasoning and an “LLM judge” that validates whether proposed changes preserve functionality. When that validation detects an issue, the system self-corrects automatically before surfacing its final patch for human review, and all changes are verified for correctness, adherence to style guidelines and absence of regressions before submission.
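To make the libwebp example concrete, here is an added illustration of what a -fbounds-safety annotation does. It is not CodeMender's patch and not libwebp code; the `row_buf` structure is a hypothetical decoded-row buffer. The key idea is that Clang's -fbounds-safety extension lets a pointer member be tied to a length field with `__counted_by`, after which the compiler bounds-checks every access through that pointer and traps on overflow. The block assumes that a -fbounds-safety build predefines `__has_ptrcheck`; on any other compiler the annotation expands to nothing and the explicit checks in `row_get` and `row_write` stand in for what the compiler would otherwise enforce automatically.

```c
/* Added example (not CodeMender's libwebp patch): a length-carrying buffer with a
 * -fbounds-safety style annotation, plus explicitly bounds-checked accessors that
 * show the checks the annotation makes the compiler apply on every dereference. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumption: a clang -fbounds-safety build predefines __has_ptrcheck as 1.
 * There, __counted_by(len) binds the pointer to its length field and any
 * out-of-range access traps at runtime.  On other compilers the annotation
 * is a no-op and only the manual checks below protect the buffer. */
#if defined(__has_ptrcheck) && __has_ptrcheck
#  define COUNTED_BY(n) __attribute__((__counted_by__(n)))
#else
#  define COUNTED_BY(n)
#endif

/* Hypothetical decoded-row buffer (constructed for this example). */
typedef struct {
    size_t   len;                  /* number of valid bytes in data */
    uint8_t *data COUNTED_BY(len); /* pixel bytes, bound to len   */
} row_buf;

/* Read pixel i; returns -1 instead of reading past the end of the row. */
int row_get(const row_buf *r, size_t i) {
    if (r == NULL || r->data == NULL || i >= r->len) return -1;
    return r->data[i];
}

/* Copy n bytes from src into the row at offset off.  Rejects writes that would
 * run past the end, using a form that cannot wrap around when off + n overflows. */
int row_write(row_buf *r, size_t off, const uint8_t *src, size_t n) {
    if (r == NULL || r->data == NULL || src == NULL) return -1;
    if (off > r->len || n > r->len - off) return -1; /* overflow-safe off + n > len */
    memcpy(r->data + off, src, n);
    return 0;
}

/* Constructed sample: a 4-byte row.  The second write and the read would each
 * touch byte 4 of a 4-byte buffer, the classic heap/stack overflow shape. */
int demo(void) {
    uint8_t pixels[4] = {10, 20, 30, 40};
    row_buf r = { sizeof pixels, pixels };
    const uint8_t patch[3] = {1, 2, 3};

    int ok_write  = row_write(&r, 1, patch, 3); /* bytes 1..3: fits      */
    int bad_write = row_write(&r, 2, patch, 3); /* bytes 2..4: rejected  */
    int bad_read  = row_get(&r, 4);             /* index 4: rejected     */
    int in_range  = row_get(&r, 1);             /* 1 after the good write */

    printf("ok_write=%d bad_write=%d bad_read=%d pixel[1]=%d\n",
           ok_write, bad_write, bad_read, in_range);
    return ok_write == 0 && bad_write == -1 && bad_read == -1 && in_range == 1;
}

int main(void) {
    return demo() ? 0 : 1;
}
```

Compiled with `clang -fbounds-safety`, the `if` guards are redundant because the compiler inserts equivalent checks for every access through `data`; that is what makes the overflow class, rather than one specific bug, unexploitable. Without the flag, the same guards must be written and maintained by hand, which is the situation the annotations are meant to replace.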