Cursor: Security for Agents
Security Agents scan your code for security bugs, risky patterns, and vulnerabilities. There are two Cursor-managed types: a Security Reviewer that checks pull requests before they merge, and a Vulnerability Scanner that scans your codebase at rest on a schedule. Both run on the Automations platform and require Cloud Agents, and each agent needs at least one tool or MCP to run.
What are Cursor Security Agents?
Cursor ships two managed Security Agent types that cover different moments in the lifecycle: one reviews changes as they come in, the other goes looking for what is already there. The split below is the first decision you make when you set one up.
- Security Reviewer: checks pull requests before they merge. Use it to catch vulnerabilities during code review.
- Vulnerability Scanner: scans your codebase at rest. Use it to find pre-existing vulnerabilities, long-standing issues, and problems missed during PR review.
Both agent types run on the Automations platform and require Cloud Agents (agents that run in a Cursor-managed virtual machine, check out the repo, do the work, open a pull request, then shut down, with no load on your laptop). You configure them from the Security Agents Dashboard at cursor.com/dashboard/security-agents, where you create your first agent.
When does each agent run?
The two agent types take different triggers, which is what makes the Reviewer fit code review and the Scanner fit ongoing coverage. Match the trigger to the agent before you turn anything on.
| Agent type | Trigger | When it runs |
|---|---|---|
| Security Reviewer | Git-based Automations triggers, including pull request and merge request events | When code changes |
| Vulnerability Scanner | Cron-based triggers | On a recurring schedule, independent of pull request activity |
Triggers are configured per agent in the Security Agents Dashboard.
How do you configure what each agent reviews?
Each agent has three configuration surfaces: the built-in checks it runs, custom instructions that give it context, and the tools or MCPs it uses to do its work and report findings. They stack, so a single agent can run a tuned set of checks, follow project-specific guidance, and push results into the system your team already uses.
- Security checks
- Both agent types include built-in checks. Enable or disable individual checks based on what you want each agent to review.
- Custom instructions
- Describe the types of issues to prioritize, explain project-specific security expectations, or define how the agent should behave.
- Tools and MCPs
- Both types support tools and MCPs (Model Context Protocol, a standard that lets an AI agent pull in context from outside the repo, like Jira tickets or internal docs). Each agent needs at least one tool or MCP to run.
Tools and MCPs are how a Security Agent connects to where your team tracks security work. Use them to do three things:
- Send vulnerabilities to a Slack channel, issue tracker, or another connected system.
- Add custom instructions that explain when and how the agent should use each MCP.
- Give the agent extra context from tools or MCPs before it reports a finding.
Security Agents run on Cloud Agents. You can use Cursor's cloud with no additional setup, or configure self-hosted Cloud Agents to run reviews in your own environment.
How do you run a security review from your own agent?
You don't have to wait for a pull request. Use the /review-security or /review skills to run the Security Agent from your agent before you push the code, so you catch findings while the change is still local.
- What diff is reviewed: by default, /review-security reviews your branch changes, meaning every change relative to the base branch, including committed and uncommitted changes. Ask it to review only your uncommitted changes when you want narrower feedback.
- Against which branch: /review-security compares against your default base branch. When your base branch isn't the default (such as main), tell the agent which branch to compare against or let it infer from the context.
/review and /review-security are available in Cursor 3.7+ (Cursor 3 is Cursor's agent-forward interface, also called the agent window or Glass, built to run and supervise many agents at once rather than edit one file) and at cursor.com/agents. CLI support is coming soon.
How are Security Agents billed and measured?
Security Agents are billed at the team usage level. Usage is charged to the team's usage pool, and agents run under a shared team service account, so they don't affect any individual user's usage.
For measurement, Security Agents track three key metrics across runs. To decide whether an issue was fixed, Cursor uses LLMs to review incremental diffs and assess whether the flagged issue was resolved.
| Metric | What it reports |
|---|---|
| Vulnerabilities found | The number of security findings reported by agents. |
| Issues fixed | The number of findings that were resolved after they were reported. |
| Resolution rate | The percentage of reported findings that were fixed. |
Metrics are tracked across agent runs in the dashboard.
Every agent run is tracked in the dashboard. The run history shows when an agent ran, which tools it used, its final status, and how long it took. Open a run to inspect the underlying Cloud Agent for more detail about what the agent did.
Frequently asked questions
What is the difference between the Security Reviewer and the Vulnerability Scanner?
The Security Reviewer checks pull requests before they merge, using Git-based triggers, to catch vulnerabilities during code review. The Vulnerability Scanner scans your codebase at rest on a cron schedule, to find pre-existing vulnerabilities, long-standing issues, and problems missed during PR review.
Do Security Agents require Cloud Agents?
Yes. Both agent types run on the Automations platform and require Cloud Agents. You can use Cursor's cloud with no additional setup, or configure self-hosted Cloud Agents to run reviews in your own environment.
Can I run a security review before I push my code?
Yes. Use the /review-security or /review skills to run the Security Agent from your agent before you push. They are available in Cursor 3.7+ and at cursor.com/agents; CLI support is coming soon.
Sources & last verified
Cursor ships frequently. Facts verified against primary sources on June 26, 2026.