Free security agent on GitHub AgentHQ, scans PRs and auto-fixes vulns


Bright Security Agent · GitHub Marketplace · GitHub


Bright Security Agent (App)

About

Bright agent for dynamic security scanning, fixing confirmed issues, and validating remediations. By NeuraLegion. 13 installs.

Tags: security, ai-assisted

Verified

GitHub has verified the publisher's identity, ownership of their domain, and compliance with other requirements.

Pricing

Free. Available to all GitHub organizations, with a free 14-day trial plan.

Bright Security Agent is an autonomous agent for dynamic application and API security testing directly in your GitHub environment. It analyzes your repository, builds and starts the application from source, automatically configures authentication, registers entrypoints, runs scans via Bright Repeater, and, if needed, proposes fixes for discovered vulnerabilities.

Key Features

Automated dynamic application security testing: Tests web apps, APIs, MCP tools, gRPC, GraphQL, etc.

AI-Powered Speed: Fast, intelligent scanning powered by a deterministic scanner.

Remediation & Validation: In full mode, the agent not only finds vulnerabilities but also proposes fixes and validates them for up to 5 rounds.

Flexible Modes:

full: Complete cycle—startup, scan, remediation, validation (with harness fallback).

dynamic: Full startup and scan without fallback.

function: Scan individual functions via harness.

Security by Design: All actions are performed only against local targets (localhost, 127.0.0.1, etc.), never external/production addresses.

OIDC: Secure authentication via GitHub, no secrets stored in the repository.

Why Choose Bright

Actionable Security Insights: Get clear, prioritized findings with remediation guidance, not noise.

Comprehensive Coverage: Detects both common and advanced vulnerabilities, including business logic flaws.

Seamless Developer Experience: Easy to use, integrates with your workflow, and requires minimal setup.

Secure by Default: Designed to run only against local, non-production targets, keeping your environment safe.

How It Works

Detects and starts the target application from source.

Performs required setup and configuration steps.

Configures and verifies authentication.

Registers entrypoints and forms a scan plan.

Runs dynamic security testing via Bright Repeater.

Collects and analyzes results, proposes fixes, and re-validates them.

Usage Examples

Full scan and remediation

"Run a dynamic security scan for this application, fix the findings, and validate the fixes."

Pull request validation

"@bright-security-agent, scan the controllers affected by this pull request and fix any vulnerabilities found."

Bright Security Agent performs a security review of a pull request, scans only the affected endpoints, and fixes vulnerabilities in place.


Plans and pricing

Free: $0. Available to all GitHub organizations with a free 14-day trial.

For organizations only
Full application & API security testing
Automated remediation validation
1 concurrent scan
5 weekly scan hours


Bright Security Agent is provided by a third party and is governed by separate terms of service, privacy policy, and support documentation.
