IDE Integration

Bring security analysis directly into your development workflow. IDE integration gives coding agents a persistent memory layer and access to dynamic runtime data.

Why IDE Integration?

IDE integration is a game changer for coding agents in Cursor and Claude Code:

Persistent Memory

Agent Inspector remembers security findings across coding sessions. Your IDE agent always has context about known vulnerabilities.

Runtime Data Access

Query dynamic analysis results directly from your IDE. See how your code changes affect runtime behavior without leaving your editor.

Correlation Capability

Connect static code findings with runtime evidence. Prioritize real risks by understanding which issues are validated in production.

Slash Commands

Run security scans, get fixes, check gates — all without leaving your editor. Fast, integrated, developer-friendly.

Setup: Cursor

Copy this command into Cursor and it will set everything up:

Fetch and follow instructions from https://raw.githubusercontent.com/cylestio/agent-inspector/main/integrations/AGENT_INSPECTOR_SETUP.md
After Setup
  1. Restart Cursor
  2. Approve the MCP server when prompted
  3. Start Agent Inspector: uvx agent-inspector anthropic
  4. Try /agent-scan to test the connection

Setup: Claude Code

Use the plugin marketplace to install:

/plugin marketplace add cylestio/agent-inspector
/plugin install agent-inspector@cylestio
After Setup
  1. Restart Claude Code for MCP connection to activate
  2. Start Agent Inspector: uvx agent-inspector anthropic
  3. Try /agent-scan to test the connection

Slash Commands

Use these commands directly in your IDE:

Command Description
/agent-scan Run static analysis on your agent code. Detects OWASP LLM Top 10 vulnerabilities.
/agent-analyze View dynamic analysis results from runtime monitoring.
/agent-correlate Connect static findings with runtime evidence. Shows VALIDATED, UNEXERCISED, THEORETICAL states.
/agent-fix <id> Get AI-powered, context-aware fix for a specific finding.
/agent-gate Check production readiness status. Shows GO/NO-GO decision.
/agent-report Generate compliance report (Security Assessment, Executive Summary, or Customer DD).
/agent-status Check Agent Inspector server connection and current state.
/agent-debug Explore sessions, events, and debug agent behavior at runtime.

MCP Protocol

IDE integration uses the Model Context Protocol (MCP) for communication. MCP provides a standardized way for AI assistants to interact with external tools and data sources.

MCP Tools

Agent Inspector exposes 17+ MCP tools for your IDE agent to use:

Analysis Tools

  • run_static_scan
  • get_dynamic_analysis
  • correlate_findings
  • get_recommendations

Session Tools

  • get_workflow_agents
  • get_workflow_sessions
  • get_session_events
  • get_event

Remediation Tools

  • get_fix_suggestion
  • apply_fix
  • dismiss_finding
  • verify_fix

Reporting Tools

  • check_gate_status
  • generate_report
  • get_owasp_coverage
  • export_findings

Typical Workflow

Start Agent Inspector

uvx agent-inspector anthropic

Run Static Scan

In your IDE:

/agent-scan

Run Your Agent Tests

Execute 20+ sessions with varied inputs through the proxy.

Correlate & Fix

/agent-correlate
/agent-fix finding-001

Check Gate

/agent-gate

Without IDE Integration

IDE integration is optional. You can use Agent Inspector standalone:

  • Proxy: http://localhost:4000 — point your agent here
  • Dashboard: http://localhost:7100 — web UI for all features
  • CLI: agent-inspector scan ./path — command-line static analysis

IDE integration adds persistent memory, slash commands, and a more integrated developer experience — but all the same capabilities are available through the dashboard.

← Quick Start Static Analysis →