Security Vulnerability Scan
Scan code for security issues, check CVE databases, and create issues
Example Prompt
Scan our codebase for security vulnerabilities, check for known CVEs, and create issues for anything you find
About
Performs a security-focused scan of your codebase by reading source files for common vulnerability patterns, cross-referencing with public CVE databases, and automatically creating GitHub issues for any findings. Helps maintain a proactive security posture.
Workflow Steps
List project directories to identify source files and configuration files to scan
List Directory
Read source and config files to detect hardcoded secrets, insecure patterns, and misconfigurations
Read File
Search CVE databases for known vulnerabilities matching the project's technology stack
Web Search
Assess severity and prioritize the discovered vulnerabilities
Structured Reasoning
Create GitHub issues for each confirmed vulnerability with remediation guidance
Create Issue
Tools Used
Web Search
Search the web using Brave Search and return relevant results with snippets
List Directory
List all files and subdirectories in a given directory path
Read File
Read the contents of a file at a specified path on the local filesystem
Create Issue
Create a new issue in a GitHub repository with title, body, labels, and assignees
Structured Reasoning
Break down a complex problem into sequential reasoning steps with explicit chain-of-thought
Required MCP Servers
Brave Search
Privacy-first web search powered by Brave's independent search index
Filesystem
Read, search, and manage files on the local filesystem
GitHub
Access GitHub repos, issues, PRs, and code search via the official MCP server
Sequential Thinking
Dynamic problem-solving through structured thought sequences with branching and revision