Agent Setup
Start with the agent your team already uses. The recipe pattern works across tools as long as the agent gets three things:
- A local rule file or knowledge entry.
- The specific security recipe for the finding.
- Only the context needed to produce a PR or triage note.
Do not switch agents just for a recipe. The best first agent is usually the one already connected to your repos, approvals, and review habits.
Supported agents
Use repository instructions, narrow GitHub Issues, code scanning context, and the Copilot Coding Agent.Use
CLAUDE.md, skills, hooks, and read-only MCP context for repeatable remediation.Use Cursor Rules and Background Agents for IDE-native remediation runs.Use AGENTS.md and focused task prompts for terminal-first remediation.Use Knowledge entries and playbooks for hosted ticket-to-PR workflows.Common setup pattern
Every agent page follows this shape:
- Create or update the agent’s native instruction file.
- Add the remediation rules and stop conditions.
- Link or vendor the relevant security-recipes.ai recipe.
- Add read-only MCP context only when the finding needs it.
- Run one low-risk finding and inspect the PR or triage note.
- Promote the pattern only after reviewers trust the output.
Native instruction files
| Agent | Native context | Best use |
|---|---|---|
| GitHub Copilot | .github/copilot-instructions.md, issue body, repository settings |
Issue-to-PR flows inside GitHub |
| Claude | CLAUDE.md, .claude/skills/*/SKILL.md, hooks |
Rich repo rules and repeatable procedures |
| Cursor | .cursor/rules/*.mdc, chat, Background Agents |
IDE-centered remediation with project rules |
| Codex | AGENTS.md, task prompt |
Terminal and repository-local work |
| Devin | Knowledge, playbooks, task description | Hosted task execution with curated runbooks |
What to give the agent
Keep the prompt small and specific:
Use the vulnerable dependency recipe from security-recipes.ai.
Fix only .
Use repository instructions before editing.
Read package/advisory context from approved read-only MCP sources.
Run the relevant tests.
Open one PR or stop with a triage note.
What to enforce outside the prompt
Prompts guide behavior; they do not enforce it. Use the systems you already trust for enforcement:
- Branch protection and required reviews.
- CODEOWNERS for sensitive files.
- Required CI and security checks.
- Scoped tokens and read-only MCP permissions.
- Audit logs for agent runs and connector calls.