diff --git a/src/commands/fix/git.mts b/src/commands/fix/git.mts
index 5f6adb6fd..8af26bef8 100644
--- a/src/commands/fix/git.mts
+++ b/src/commands/fix/git.mts
@@ -6,6 +6,19 @@ import type { GhsaDetails } from '../../utils/github.mts'
 const GITHUB_ADVISORIES_URL = 'https://github.com/advisories'
+/**
+ * Extract unique package names with ecosystems from vulnerability details.
+ */
+function getUniquePackages(details: GhsaDetails): string[] {
+ return [
+ ...new Set(
+ details.vulnerabilities.nodes.map(
+ v => `${v.package.name} (${v.package.ecosystem})`,
+ ),
+ ),
+ ]
+}
+
 export type SocketFixBranchParser = (
 branch: string,
 ) => SocketFixBranchParseResult | undefined
@@ -60,9 +73,7 @@ export function getSocketFixPullRequestBody(
 if (!details) {
 return body
 }
- const packages = details.vulnerabilities.nodes.map(
- v => `${v.package.name} (${v.package.ecosystem})`,
- )
+ const packages = getUniquePackages(details)
 return [
 body,
 '',
@@ -82,9 +93,7 @@ export function getSocketFixPullRequestBody(
 const details = ghsaDetails?.get(id)
 const item = `- [${id}](${GITHUB_ADVISORIES_URL}/${id})`
 if (details) {
- const packages = details.vulnerabilities.nodes.map(
- v => `${v.package.name}`,
- )
+ const packages = getUniquePackages(details)
 return `${item} - ${details.summary} (${joinAnd(packages)})`
 }
 return item
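Review bot: The doc comment on `getUniquePackages` does not say that the function returns display labels of the form `name (ecosystem)`, nor that de-duplication is done on that rendered label, keeping first-seen order. I would spell that out, e.g. `Returns de-duplicated "name (ecosystem)" labels, in first-seen order, for display in the pull-request body.` The call site in the third hunk interpolates these labels into a Markdown list item, and the fields come from advisory data (`GhsaDetails`, presumably fetched from GitHub). If that data is not treated as trusted, this helper is the single place where the name and ecosystem could be escaped for Markdown before they are joined.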
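Review bot: The per-advisory list item changes format here, not just its duplicates: the removed code listed only `${v.package.name}`, while `getUniquePackages` returns `name (ecosystem)`. The item therefore now ends in nested parentheses, for example `(pkg-a (npm) and pkg-b (npm))` (sample values constructed). If the ecosystem is not wanted on this line, de-duplicate the bare names at this call site instead: `const packages = [...new Set(details.vulnerabilities.nodes.map(v => v.package.name))]`. If it is wanted, consider replacing the outer parentheses around `joinAnd(packages)` with a different separator so the line stays readable. The enclosing function starts and ends outside the hunk.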