Inline orchestration workflow for security vulnerability detection and remediation with Beads integration. Provides step-by-step phases for security-scanner detection, priority-based fixing with vulnerability-fixer, and verification cycles.
You ARE the orchestrator. Execute this workflow directly without spawning a separate orchestrator agent.
Beads Init → Detection → Create Issues → Fix by Priority → Close Issues → Verify → Beads Complete
Max iterations: 3
Priorities: critical → high → medium → low
Beads integration: Automatic issue tracking
Setup directories:
mkdir -p .tmp/current/{plans,changes,backups}
Validate environment:
package.json exists
type-check and build scripts exist
Create Beads wisp:
bd mol wisp exploration --vars "question=Security vulnerability scan"
IMPORTANT: Save the wisp ID (e.g., mc2-xxx) for later use.
Initialize TodoWrite:
[
{
"content": "Security scan",
"status": "in_progress",
"activeForm": "Scanning for vulnerabilities"
},
{ "content": "Create Beads issues", "status": "pending", "activeForm": "Creating issues" },
{
"content": "Fix critical vulnerabilities",
"status": "pending",
"activeForm": "Fixing critical vulnerabilities"
},
{
"content": "Fix high priority vulnerabilities",
"status": "pending",
"activeForm": "Fixing high vulnerabilities"
},
{
"content": "Fix medium priority vulnerabilities",
"status": "pending",
"activeForm": "Fixing medium vulnerabilities"
},
{
"content": "Fix low priority vulnerabilities",
"status": "pending",
"activeForm": "Fixing low vulnerabilities"
},
{ "content": "Verification scan", "status": "pending", "activeForm": "Verifying fixes" },
{ "content": "Complete Beads wisp", "status": "pending", "activeForm": "Completing wisp" }
]
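The "Setup directories" and "Validate environment" steps above, as an added Node.js example that is not part of the original workflow. The function names are assumptions; the script names type-check and build and the .tmp/current layout come from the steps themselves.

```javascript
// Added example: pre-flight for the security workflow (function names are hypothetical).
const fs = require("node:fs");
const path = require("node:path");

// Script names the workflow requires in package.json.
const REQUIRED_SCRIPTS = ["type-check", "build"];
// Working directories from the "Setup directories" step.
const WORK_DIRS = ["plans", "changes", "backups"];

// Equivalent of: mkdir -p .tmp/current/{plans,changes,backups}
function setupDirectories(projectDir) {
  return WORK_DIRS.map((name) => {
    const dir = path.join(projectDir, ".tmp", "current", name);
    fs.mkdirSync(dir, { recursive: true });
    return dir;
  });
}

// Returns a list of problems; an empty list means the scan may start.
function validateEnvironment(projectDir) {
  const pkgPath = path.join(projectDir, "package.json");
  if (!fs.existsSync(pkgPath)) return ["package.json not found"];

  let pkg;
  try {
    pkg = JSON.parse(fs.readFileSync(pkgPath, "utf8"));
  } catch (err) {
    return [`package.json is not valid JSON: ${err.message}`];
  }

  // Tolerate a missing or malformed "scripts" field instead of throwing.
  const scripts =
    pkg && typeof pkg.scripts === "object" && pkg.scripts !== null ? pkg.scripts : {};
  return REQUIRED_SCRIPTS
    .filter((name) => typeof scripts[name] !== "string" || scripts[name].trim() === "")
    .map((name) => `missing npm script: ${name}`);
}

// Runs both steps in the order the workflow lists them.
function preflight(projectDir) {
  const created = setupDirectories(projectDir);
  const problems = validateEnvironment(projectDir);
  return { ok: problems.length === 0, problems, created };
}
```

Call preflight(process.cwd()) before creating the wisp and stop the workflow if ok is false, since later verification relies on the type-check and build scripts.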
Invoke security-scanner via Task tool:
subagent_type: "security-scanner"