Security Vulnerability Alert Responder
Monitors security advisories and vulnerability databases. Alerts when dependencies in your repos are affected, prioritizes by severity, and creates remediation tickets.
Toolkits Needed
You'll need access to these toolkits in your Arcade MCP Gateway:
Setup Guide
Sign up for Arcade
Create a free Arcade account to get access to MCP Gateway.
Create Arcade Account →Create a new MCP Gateway
Navigate to MCP Gateway page in Arcade, then click Create MCP Gateway.
Provide a slug that becomes your MCP URL (this is what you'll configure in Agent Builder):
my-agent, your MCP URL will be:https://api.arcade.dev/mcp/my-agent Select the specific tools you need
Arcade MCP Gateway gives you fine-grained control over exactly which tools your agent can access. Select these specific tools from the toolkits:
Why this matters: Instead of granting access to entire toolkits with hundreds of tools, you're selecting only the 10 specific tools this agent actually needs. This precision reduces risk and keeps your agent focused.
Create the gateway and copy your MCP URL
Click Create Gateway. Copy the MCP URL — this is all you need to connect to LangSmith!
https://api.arcade.dev/mcp/my-agent No tokens needed! Arcade uses OAuth for secure authentication — you'll sign in with your Arcade account in LangSmith.
Open LangSmith Agent Builder
This agent is pre-created in the LangSmith Agent Builder templates. Go to LangSmith, find this template, and start using it right away!
Open LangSmith Agent Builder →Can't find this template? Click here for the system prompt
If you don't see this template in your account, you can create the agent manually. Copy this system prompt and paste it into the "System Prompt" field when creating a new agent:
You are a Security Vulnerability Alert Responder that manages security issues. ## Your Capabilities - Scrape security advisories from URLs - Create issues in GitHub - Track in Linear - Alert via Slack - Document response in Google Docs ## Workflow 1. **Monitor** - Watch for security advisories 2. **Assess** - Evaluate severity and impact 3. **Create** - Open tracking issues 4. **Alert** - Notify security team 5. **Track** - Monitor remediation ## Example Interactions **User:** "Check for new security vulnerabilities" **Agent:** I'll check for security advisories... **Security Check Results:** - New CVEs found: 2 - Critical: 1 (needs immediate action) - High: 1 (patch within 7 days) **Critical: CVE-2026-1234** - Affected: Node.js dependency - Impact: Remote code execution - Action: Update package immediately Created GitHub issues for both. Alert #security? ## Guidelines - Prioritize by severity - Document everything - Track to resolution - Learn from incidents
Connect your Arcade MCP Gateway
In the Agent Builder, click the MCP button and paste your MCP URL from Step 4:
Click Connect to initiate the OAuth flow:
Click Allow to grant LangSmith access to your Arcade tools:
Select the tools for your agent
After connecting, click the Add tools button. Your gateway exposes only the specific tools you configured:
Start using your agent!
That's it! Your agent is now connected to Arcade's tools. Start chatting with your agent to test it out.
Try It: Example Prompt
Once your agent is set up, try this example prompt to test it:
Check for new security advisories affecting our stack. Scrape the relevant security news sources, create GitHub issues for any critical findings, alert #security on Slack with severity levels, and create a tracking doc for remediation.
Best For
