If you have any more details, I would love to hear from your experience and what you think would be useful to look at. I will make a ticket based on this concern. I really want to make this as secure as we can and have people poke and do the code reviews. :)
Or analyse the code base. I am using security agents to harden the code base and doing end-to-end testing based on that.
Adding some security agents in the loop is a great idea!