The Workspace Security Center is available across all plans. Use it to scan project dependencies across your workspace and review CVE findings by severity. You can fix issues with Replit Agent, republish affected projects, and export Software Bill of Materials (SBOM) reports for compliance.
To scan a single project instead, open the Project Security Center from the Security pane inside that project.
New to dependency security? See Security concepts for definitions of CVE, SBOM, exposure, Fix with Agent, Republish, and Auto-Protect.
Features
CVE detection
See vulnerabilities across all projects in your workspace:
- Identify vulnerable projects, prioritized by exposure (publishing status and visibility)
- See affected package names, versions, and severity (critical, high, medium, and low)
- Access remediation guidance for each project

Affected projects view
Identify which projects contain vulnerabilities and prioritize what to fix first:
- See an overview of vulnerable projects grouped by exposure: total projects, published projects, and publicly published projects
- See a detailed breakdown of affected Replit projects
- Search by CVE ID or project name and filter by severity, owner, publishing status (Published / Not published), and visibility (Public / Private)
- Expand any project row to see every CVE finding (severity, package, version, CVE ID) without leaving the page

Fix with Agent and republish
Resolve vulnerabilities and redeploy without leaving the Security Center:
- Select Fix with Agent on any affected project to draft a patch as a background task in the project. Review and apply the generated change before republishing.
- Track remediation status through Task in progress, Apply changes, Republish, and the terminal states Republished or Failed.
- One-click Republish with a confirmation dialog redeploys the build using its existing configuration once the fix is merged.
- Take bulk actions such as unpublishing or notifying project owners about vulnerabilities in their projects.
SBOM export
Export Software Bill of Materials for compliance and auditing:
- Download SBOMs in standard formats (SPDX, CycloneDX)
- Generate reports for individual projects or your entire workspace
- Browse SBOMs grouped by scan run, with the timestamp, project count, and the user who triggered the run
- Download every SBOM in a scan run as a single bulk zip
- Meet compliance requirements for software supply chain transparency
Bulk SBOM downloads are available on Enterprise plans. Workspaces on other plans see an Enterprise upsell in the SBOM section.
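For compliance workflows that consume exported SBOMs, the following added example (not Replit code) indexes CycloneDX JSON documents from a zip archive and reports which ones ship a given package at an affected version. The archive layout, file names, and package names are assumptions constructed for illustration; only the standard CycloneDX fields bomFormat, components, name, and version are relied on.

```python
import io
import json
import zipfile
from collections import defaultdict

def load_cyclonedx_zip(blob: bytes) -> dict:
    """Return {member_name: parsed CycloneDX JSON} for each .json file in a zip."""
    # Assumption: the archive holds one CycloneDX JSON document per project.
    # The real layout of the bulk export is not described on this page.
    sboms = {}
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for name in zf.namelist():
            if name.endswith(".json"):
                doc = json.loads(zf.read(name))
                if doc.get("bomFormat") == "CycloneDX":  # skip SPDX or other JSON
                    sboms[name] = doc
    return sboms

def index_components(sboms: dict) -> dict:
    """Map (package name, version) -> sorted list of SBOM files that contain it."""
    index = defaultdict(set)
    for source, doc in sboms.items():
        for comp in doc.get("components", []):
            index[(comp.get("name"), comp.get("version"))].add(source)
    return {key: sorted(files) for key, files in index.items()}

def affected(index: dict, package: str, bad_versions: set) -> list:
    """List SBOM files that ship `package` at any version in `bad_versions`."""
    return sorted({f for (name, ver), files in index.items()
                   if name == package and ver in bad_versions for f in files})

def build_sample_zip() -> bytes:
    """Constructed sample data: two tiny CycloneDX documents, not real export output."""
    def bom(components):
        return json.dumps({"bomFormat": "CycloneDX", "specVersion": "1.5",
                           "components": [{"type": "library", "name": n, "version": v}
                                          for n, v in components]})
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("storefront.cdx.json", bom([("examplepkg", "1.2.0"), ("otherlib", "3.0.1")]))
        zf.writestr("internal-tool.cdx.json", bom([("examplepkg", "1.4.2")]))
        zf.writestr("notes.txt", "not an SBOM")
    return buf.getvalue()

if __name__ == "__main__":
    idx = index_components(load_cyclonedx_zip(build_sample_zip()))
    print(affected(idx, "examplepkg", {"1.2.0", "1.3.0"}))
```

The index only covers top-level components; CycloneDX documents that nest components inside other components would need a recursive walk.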
Accessing the Workspace Security Center
To open the Workspace Security Center:
- Go to replit.com and sign in to your account.
- Select Security from the left navigation on the home page.

Scanning your workspace

- Open the Workspace Security Center.
- Select Run security scan to initiate a scan across the workspace.
- Review the results organized by impacted project, severity, and deployment exposure.
- From any affected project, select Fix with Agent, then Republish once the fix is applied.
Auto-Protect
Admins can opt their account into Auto-Protect, which continuously monitors newly disclosed CVEs against every project’s dependencies. When a match is found, Replit Agent prepares a tested patch and builders receive an email with a direct link to apply it. See Auto-Protect for the full workflow and setup steps, including the admin-only severity threshold in Settings > Account > Advanced.

Contact the dedicated account manager for help configuring the Workspace Security Center or integrating SBOM exports into compliance workflows.