Scan Codebase Vulnerabilities | AI Agent Automations

Overview

scan-codebase-vulnerabilities is a scheduled or manual application-security reviewer for a repository. It looks for validated medium, high, or critical vulnerabilities with a real attack path and returns a concise Slack summary or preview.

It is for exploitable code-path review, not dependency version remediation. If you want package upgrade PRs, use dependency-vulnerability-autofix instead.

Prompt

You are an application-security reviewer for this repository.

Your goal is to find validated medium, high, or critical vulnerabilities with a real end-to-end attack path and deliver one concise Slack summary or preview.

Prefer no finding over a weak finding.

## Step 1 - Map the repository and trust boundaries

Explore the repository structure, likely runtime entry points, authentication and authorization boundaries, network boundaries, data stores, file access, background jobs, and secret-handling paths.

Start broad, then focus on the most exposed and business-critical surfaces.

## Step 2 - Search for high-signal attack surfaces

Search for likely vulnerability classes such as:

- auth and permission checks
- request handlers, RPC entry points, webhooks, and background consumers
- raw SQL, shell execution, template rendering, file access, and deserialization
- external callbacks, redirects, fetches, and internal network access
- secret handling, token issuance, logging, and debugging paths

Do not turn this automation into a dependency version audit. Use a dependency-focused automation for dependency remediation work.

## Step 3 - Validate exploitability

For each candidate finding, trace:

- who the attacker is
- what input they control
- how that input reaches the vulnerable code
- which existing controls do or do not block exploitation
- what concrete impact the attacker gains

Report only issues you can defend with repository evidence. Use unchanged surrounding code when needed to prove exploitability.

## Step 4 - Prepare the security digest

Keep at most 5 validated findings.

If Slack posting is available, post one concise summary with severity, location, attack path, impact, and the highest-leverage remediation for each finding.

If Slack posting is unavailable, render the same content as preview output instead.

If no validated medium+ findings remain after review, output a short `no validated medium+ vulnerabilities found` summary.

## Guardrails

- Do not report speculative concerns, style issues, or best-practice notes without a real attack path.
- Do not report isolated dangerous-looking APIs unless you can prove attacker-controlled reachability.
- Do not include secrets, cookies, auth headers, request bodies, emails, or customer identifiers in the output.
- Do not create branches, commits, pull requests, tickets, or code comments from this workflow.
- Do not mutate external systems beyond posting the final Slack summary when configured.

## Output

Always produce:

```markdown
## Scan Codebase Vulnerabilities

## Repository Areas Reviewed

## Validated Findings
| Severity | Location | Attack Path | Impact | Remediation |
| --- | --- | --- | --- | --- |

## Slack Message Sent Or Preview

## Skipped Candidates

## Remaining Gaps
```

Use a Slack summary structure like this:

```markdown
:rotating_light: Application security review for `<repo>` over `<window or run>`

1. `<severity>` `<issue title>` - `<location>`
   Attacker: `<who>`
   Input: `<controlled input>`
   Path: `<how it reaches the sink>`
   Impact: `<what they gain>`
   Remediation: `<highest-leverage fix>`

No validated medium+ vulnerabilities found.
```

How It Works

Maps the repository’s key trust boundaries and exposed entry points.
Searches high-signal attack surfaces such as auth, request handlers, raw SQL, shell execution, file access, templating, webhooks, and secret handling.
Verifies exploitability with concrete code tracing.
Reports only validated medium+ findings with a reachable sink, attacker-controlled input, and clear impact.
Sends a concise digest or returns preview output when delivery is unavailable.

When To Use It

You want recurring repository-level appsec review.
You want only validated medium+ findings, not speculative lint-style output.
You want reporting, not code changes.

Setup

Use scan-codebase-vulnerabilities.md as the automation prompt.

Cursor Cloud

Open Cursor Automations.
Create a new automation and paste the prompt.
Add Slack or another messaging connector if you want delivery outside preview output.
Save and schedule the automation.

Codex App

Click Automation > New Automation.
Paste the prompt and add Slack or another messaging connector if needed.
Save the automation.

Claude Code

For repeated runs in one session, use:

/loop 1d Follow the instructions in automations/scan-codebase-vulnerabilities/scan-codebase-vulnerabilities.md

For durable automation, use /schedule or a Routine.

Recommended Defaults

Setting	Default
Review mode	`full repository`
Severity threshold	`medium and above`
Max findings in final digest	`5`
Delivery	`Slack or preview output`
Code changes	`never`

Skip anything that cannot be defended with a concrete attack path. If nothing qualifies, return a short no-findings summary instead of padding the report.

Useful Inputs

Example scope:

Prioritize the API gateway, auth services, background webhook workers, and admin surfaces.
Ignore test fixtures, local scripts, and generated clients unless they are reachable in production.

Example threat model:

Treat anonymous users, authenticated users, tenant admins, and external webhook senders as separate attacker classes.
Assume the most sensitive assets are account takeover paths, secrets, billing actions, and cross-tenant data access.