Use case

AI Agents for Security Review

Security review happens too late and too infrequently. In most teams it is either a pre-release gate that becomes a rubber stamp under deadline pressure, or it happens only when an external audit is scheduled. The gaps in between ship unreviewed code.

The mechanical part of security review — checking for known vulnerability patterns, verifying input validation, confirming secrets are not hardcoded, reviewing authentication logic for common mistakes — can be applied systematically to every PR. The judgment part — deciding whether a particular design choice introduces acceptable risk — requires a human security engineer.

How it works with an agent fleet

A security-review agent is a prompt-driven reviewer that runs on PRs and checks for common vulnerability patterns, then publishes a normal review event to fabric for the team to act on.

agents:
  - name: security-reviewer
    role: tech-lead
    model: claude-opus-4-7
    subscribes_to: pr_needs_review

The agent's prompt lives at .fleet/prompts/security-reviewer.md — Fleet resolves it by convention from the agent name, so there is no prompt: field in config. What makes it a security reviewer is entirely the prompt: you describe your authentication patterns, authorization model, input validation rules, secrets management approach, and the vulnerability categories relevant to your stack. The agent applies those rules and publishes a pr_approved or pr_changes_requested event like any other reviewer. Humans own final security sign-off.

The fleet pattern

The security reviewer is one of potentially multiple reviewer agents on the PR chain. It runs in parallel with the tech-lead on pr_needs_review and publishes its own review event. Findings that warrant a change are published as pr_changes_requested; the release gate already requires a clean review (no later pr_changes_requested) before merge. For sensitive changes, humans review the agent's findings and provide the actual sign-off.

Guardrails that matter here

  • The security reviewer agent cannot approve sensitive changes on its own authority; it surfaces concerns as normal review events, and final security sign-off requires a human
  • The audit trail logs every security review finding with the specific code reference and the agent's reasoning
  • A `pr_changes_requested` event keeps the release gate closed until the concern is resolved and re-reviewed
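
The gate behaviour described in the fleet pattern and the guardrails above, modelled as an added example (this is not Fleet's own code). The event names come from this page; the field names, the reviewer ids and the per-reviewer "latest event wins" rule are assumptions made for the illustration.

```python
from dataclasses import dataclass

# Event names are the page's; field names and reviewer ids are assumptions.
APPROVED, CHANGES = "pr_approved", "pr_changes_requested"

@dataclass(frozen=True)
class ReviewEvent:
    seq: int               # order of arrival on the event stream
    reviewer: str          # who published the review
    kind: str              # APPROVED or CHANGES
    is_human: bool = False

def gate_decision(events, required, sensitive):
    """Return (is_open, reasons) for one PR.

    Open only if every required reviewer's latest event is an approval,
    nobody has an outstanding change request, and a sensitive change
    carries a standing approval from a human."""
    latest = {}
    for ev in sorted(events, key=lambda e: e.seq):
        latest[ev.reviewer] = ev          # later review supersedes earlier
    reasons = [f"{r}: no review yet" for r in required if r not in latest]
    reasons += [f"{ev.reviewer}: changes requested (seq {ev.seq}) not re-reviewed"
                for ev in latest.values() if ev.kind == CHANGES]
    if sensitive and not any(ev.is_human and ev.kind == APPROVED
                             for ev in latest.values()):
        reasons.append("sensitive change: no human security sign-off")
    return (not reasons, reasons)

# Constructed event stream for one PR.
REQUIRED = ["tech-lead", "security-reviewer"]
EVENTS = [
    ReviewEvent(1, "security-reviewer", CHANGES),
    ReviewEvent(2, "tech-lead", APPROVED),          # must not reopen the gate
    ReviewEvent(3, "security-reviewer", APPROVED),  # re-review after the fix
    ReviewEvent(4, "security-engineer", APPROVED, is_human=True),
]

if __name__ == "__main__":
    for n in range(1, len(EVENTS) + 1):
        for sensitive in (False, True):
            ok, why = gate_decision(EVENTS[:n], REQUIRED, sensitive)
            print(n, "sensitive" if sensitive else "routine",
                  "OPEN" if ok else "CLOSED", why)
```

The second event is the case to watch: a gate that only looks at the most recent event on the PR would open on the tech-lead's approval while the security reviewer's change request is still outstanding.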

Who this is for

Engineering teams that want security concerns surfaced on every PR rather than in periodic audits. The agent applies your documented security requirements consistently. It does not replace a security engineer for architectural decisions or penetration testing.

Frequently asked questions

Can the agent run SAST tools like Semgrep or Snyk?

Yes. If those tools are installed in the environment, you can instruct the agent to run them in the agent prompt and include their output in the review. The agent synthesizes the tool output with its own analysis.

Is this a replacement for a human security review?

No. The agent handles consistent application of documented security rules on every PR. Architectural security decisions, threat modeling, and sign-off on high-risk changes require a human security engineer.
