Cursor Security Review is now available for Teams and Enterprise plans. Run two types of always-on agents: 1. Security Reviewer checks every PR for vulnerabilities and leaves comments. 2. Vulnerability Scanner runs scheduled scans of your codebase and posts findings in Slack. https://t.co/TKaqYKJxm8
Cursor Launches Managed Security Agents to Audit Pull Requests and Track Fixes
Cursor, an AI-first code editor built for pair-programming, launched Security Review for its Teams and Enterprise plans. The update introduces two managed agent types: a Security Reviewer for pull requests and a Vulnerability Scanner for scheduled codebase scans. These agents run on the Automations platform using Cursor's cloud-based agent infrastructure.
- Availability: Teams and Enterprise plans
- Agent types: Security Reviewer, Vulnerability Scanner
- Triggers: Git events, cron schedules
- Integrations: Slack, MCP, GitHub, GitLab
- Key metrics: Vulnerabilities found, issues fixed, resolution rate
- Execution environment: Cloud Agents or self-hosted pools
This release formalizes Cursor's security agent templates previously shared from its own internal fleet. As agentic coding accelerates development cycles, manual security reviews become a bottleneck. Managed security agents provide a continuous safety net, mirroring the multi-agent review patterns recently introduced in Claude Code Ultrareview.
Configure these agents via the Security Review Dashboard to trigger on Git events or cron schedules. They support custom instructions and MCP integrations to report findings to Slack. Cursor also tracks a resolution rate, using LLMs to verify whether vulnerabilities were fixed. This is available for Teams and Enterprise subscribers.
Cursor
@cursor_ai
Still wondering? A few quick answers below.
Cursor Security Review is a suite of managed AI agents designed to identify vulnerabilities and risky patterns in codebases. It includes two specific agent types: a Security Reviewer that audits pull requests before they are merged and a Vulnerability Scanner that performs recurring, scheduled scans of the entire codebase to find pre-existing security bugs.
This feature is exclusively available to users on Cursor Teams and Enterprise plans. It requires the use of Cloud Agents, which are remote environments where these autonomous tasks execute. Organizations can choose to run these agents on Cursor's managed cloud infrastructure or configure their own self-hosted agent pools for increased control over their environment.
Cursor uses large language models to track the resolution of reported vulnerabilities by analyzing incremental code changes. The system reviews the diffs between code versions to assess whether a flagged issue has been resolved. This data is then used to calculate a resolution rate metric that is visible to administrators in the Security Review Dashboard.
Usage for these security agents is charged directly to the team's shared usage pool rather than individual user accounts. Because the agents run under a shared team service account, their activity does not impact the personal usage limits of individual developers. Every agent run is tracked in a centralized dashboard for history and status monitoring.
These agents support the Model Context Protocol, which is an open standard for connecting AI models to external data and tools. This allows the agents to send findings to external systems like Slack or issue trackers. Each agent requires at least one tool or protocol connection to function and report its findings to the team.



