Cursor's security team built a fleet of security agents to find and fix vulnerabilities across a fast-changing codebase.

Cursor

Cursor's security team describes how they built a fleet of autonomous security agents using Cursor Automations to handle the 5x increase in PR velocity. Four automation templates are now publicly available: Agentic Security Review (blocks PRs with security issues), Vuln Hunter (scans existing codebase), Anybump (automates dependency patching with reachability analysis), and Invariant Sentinel (monitors daily for security/compliance drift). The system uses a custom security MCP deployed as a serverless Lambda for persistent data storage, deduplication via Gemini Flash 2.5, and consistent Slack reporting.

Securing our codebase with autonomous agents · Cursor