Security Review Resolver
An automated iterative loop that analyzes code for security vulnerabilities, runs security checks, identifies issues, implements fixes, and continues until security approval is achieved. The agent self-paces through act → check → inspect cycles to ensure code meets security standards.
Goal
Address security concerns through iterative review and remediation until approval is received
How to Run
Initiate the security review loop in your preferred coding environment. The agent will automatically perform security analysis, implement fixes, and iterate until approval criteria are met.
1. Start Security Review Loop: execute the kickoff prompt in Cursor, Claude Code, Codex, OpenCode, or Gemini CLI to begin the automated security review process.
2. Monitor Agent Progress: observe the agent's iterations as it runs security checks, analyzes results, and applies fixes to the codebase.
3. Receive Approval Notification: the loop exits automatically when security checks pass and approval is received, delivering a secure codebase.
Workflow Steps
1. Analyze the codebase for potential security vulnerabilities using static analysis tools.
2. Run the automated security check command and capture its results.
3. Parse and inspect the security check output to identify failed checks.
4. Implement targeted code fixes for the identified vulnerabilities.
5. Document all security changes with rationale and impact assessment.
6. Validate the fixes by re-running the security checks.
7. Iterate until all security checks pass and approval is received.
Kickoff Prompt
Start the "Security Review Resolver" loop.
Goal: Address security concerns through iterative review and remediation until approval is received
Max iterations: 10
Between iterations run: security review
Exit when: Security approval received
Begin iterative security review process: Analyze this codebase for security vulnerabilities, run 'security review' checks, identify issues from results, implement minimal targeted fixes, document changes, and continue loop until receiving security approval. Handle exceptions gracefully and maintain detailed logs of each iteration's findings and changes. Self-pace this loop. After each iteration, run `security review` and evaluate the output, and only continue if the exit condition is not met (Security approval received). Stop when the exit condition passes or 10 iterations are reached. Give a short status update each pass.
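A runnable loop controller for the act → check → inspect cycle the prompt describes, added here as an example and not part of this page or of any of the tools it names. The `security review` command and its `[FAIL] severity: detail` / `APPROVED` output format are assumptions, with a constructed simulated checker standing in for the real command; the loop fixes the highest-severity finding first, re-checks after each fix, logs every pass, and stops on approval or the iteration cap.

```python
import re
from collections import namedtuple
from dataclasses import dataclass, field

Finding = namedtuple("Finding", "severity detail")
SEVERITY_RANK = {"high": 0, "medium": 1, "low": 2}
# Assumed line format of the `security review` output (constructed for this example)
FINDING_RE = re.compile(r"^\[FAIL\]\s+(high|medium|low):\s+(.+)$")
@dataclass
class IterationLog:
    iteration: int
    findings: list = field(default_factory=list)
    fixed: str = ""            # detail of the finding fixed in this pass
    error: str = ""            # exception text if the pass failed

def parse_check_output(output):
    """Inspect step: return (approved, failed checks ordered high -> low severity)."""
    lines = [ln.strip() for ln in output.splitlines()]
    findings = [Finding(m.group(1), m.group(2)) for ln in lines if (m := FINDING_RE.match(ln))]
    findings.sort(key=lambda f: SEVERITY_RANK[f.severity])
    return "APPROVED" in lines, findings

def run_review_loop(check, fix, max_iterations=10):
    """Act -> check -> inspect: one targeted fix per pass, re-check after each fix.
    Exits on approval or the iteration cap; exceptions are logged, never raised."""
    logs = []
    for i in range(1, max_iterations + 1):
        entry = IterationLog(i)
        logs.append(entry)
        try:
            approved, findings = parse_check_output(check())
            entry.findings = findings
            if approved:
                return True, logs
            fix(findings[0])                 # highest-severity finding first
            entry.fixed = findings[0].detail
        except Exception as exc:             # e.g. check command failed; keep looping
            entry.error = repr(exc)
    return False, logs

def make_simulated_review(open_issues):
    """Constructed stand-in for `security review`: `open_issues` is a mutable list of
    (severity, detail) pairs and the returned fix callback removes the one it is given."""
    def check():
        if not open_issues:
            return "[PASS] no open findings\nAPPROVED\n"
        return "".join(f"[FAIL] {sev}: {detail}\n" for sev, detail in open_issues)
    def fix(finding):
        open_issues.remove((finding.severity, finding.detail))
    return check, fix
```

In practice `check` would wrap a `subprocess.run` of the real review command and `fix` would hand the finding to the agent; the controller logic stays the same.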
Guardrails
- Only modify code files related to identified security vulnerabilities
- Never introduce new external dependencies without explicit approval
- Maintain an audit trail of all security-related changes
- Preserve existing functionality while implementing security fixes
- Run additional validation after each fix to prevent regressions
- Prioritize high-severity vulnerabilities first
Flow Diagram
Related loops (Review)
- Address Review Feedback: this loop systematically identifies, analyzes, and resolves unresolved code review comments to improve code quality and ensure all feedback is addressed before merging.
- PR Polish Loop: an automated workflow loop that iteratively reviews and improves pull request code quality to achieve merge readiness. It focuses on code standards, testing, documentation, and best practices through self-paced agent iterations.
- Self-Review Loop: a self-paced loop for coding agents to iteratively review and improve their pull request quality before submission. The agent acts on the codebase, runs automated checks, inspects results, and refines changes until all quality criteria are met.