Heal
Deep runs
Quick diagnosis reads individual files. When the root cause spans multiple files or needs code execution to confirm, escalate to Deep.
Deep clones your repo into a sandbox at the exact failing version. The agent traces call chains across files, executes the failure path, and — when it finds the fix — pushes a branch and opens a PR.
What changes with Deep
| Quick | Deep | |
|---|---|---|
| Source access | Reads files via GitHub | Full repo clone with code execution |
| Cross-file tracing | No | Follows imports, searches symbols, traces call chains |
| Reproduces failures | Infers from trace data | Executes the failure path, confirms the root cause triggers |
| Fix PRs | No | Writes the fix, verifies the diff, pushes a branch |
Deep is required for Fix PRs.
Trigger
Two ways:
- Pick Deep in the composer — depth picker next to the message input.
- Escalate from Quick — on any Quick result, click Run in sandbox.
Security model
Running code from your repo is privileged. Staso treats it that way.
- Workspace-controlled — enable or disable for the entire workspace from Settings -> Integrations.
- Bounded scope — each sandbox is disposable, scoped to a single diagnosis, torn down after.
- No ambient secrets — the sandbox sees your repo clone and its declared dependencies. No workspace credentials, no environment state from other runs.