Inline orchestration workflow for security vulnerability detection and remediation with Beads integration. Provides step-by-step phases for security-scanner detection, priority-based fixing with vulnerability-fixer, and verification cycles.
You ARE the orchestrator. Execute this workflow directly without spawning a separate orchestrator agent.
Beads Init → Detection → Create Issues → Fix by Priority → Close Issues → Verify → Beads Complete
Max iterations: 3
Priorities: critical → high → medium → low
Beads integration: Automatic issue tracking
Setup directories:
mkdir -p .tmp/current/{plans,changes,backups}
:
package.json exists
type-check and build scripts exist
Create Beads wisp:
bd mol wisp exploration --vars "question=Security vulnerability scan"
IMPORTANT: Save the wisp ID (e.g., mc2-xxx) for later use.
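The directory setup and package.json checks listed above can be run as a single gate before any scan or automated fix starts. The following is an added example, not part of the original workflow; the function name `preflight` and the exact script keys `type-check` and `build` are assumptions drawn from the wording of the checklist.

```python
import json
from pathlib import Path

# Assumption: the checklist's "type-check and build scripts" are these keys
# under "scripts" in package.json.
REQUIRED_SCRIPTS = ("type-check", "build")
# From the setup step: mkdir -p .tmp/current/{plans,changes,backups}
WORK_DIRS = ("plans", "changes", "backups")


def preflight(project_dir):
    """Return a list of problems; an empty list means the workflow may start.

    Working directories are created only when every check passes, so a
    failed pre-flight leaves the project tree untouched.
    """
    root = Path(project_dir)
    manifest = root / "package.json"
    if not manifest.is_file():
        return ["package.json not found"]
    try:
        data = json.loads(manifest.read_text(encoding="utf-8"))
    except (OSError, ValueError) as exc:  # invalid JSON or bad encoding
        return [f"package.json unreadable: {exc}"]
    scripts = data.get("scripts") if isinstance(data, dict) else None
    if not isinstance(scripts, dict):
        return ['package.json has no "scripts" object']
    problems = []
    for name in REQUIRED_SCRIPTS:
        command = scripts.get(name)
        # An empty or non-string entry cannot serve as a verification gate
        # after automated fixes, so treat it as missing.
        if not isinstance(command, str) or not command.strip():
            problems.append(f'missing script: "{name}"')
    if not problems:
        for sub in WORK_DIRS:
            (root / ".tmp" / "current" / sub).mkdir(parents=True, exist_ok=True)
    return problems


if __name__ == "__main__":
    import sys
    issues = preflight(sys.argv[1] if len(sys.argv) > 1 else ".")
    for issue in issues:
        print(f"pre-flight: {issue}")
    sys.exit(1 if issues else 0)
```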
Initialize TodoWrite:
[
{"content": "Security scan", "status": "in_progress", "activeForm": "Scanning for vulnerabilities"},
{"content": "Create Beads issues", "status": "pending", "activeForm": "Creating issues"},
{"content": "Fix critical vulnerabilities", "status": "pending", "activeForm": "Fixing critical vulnerabilities"},
{"content": "Fix high priority vulnerabilities", "status": "pending", "activeForm": "Fixing high vulnerabilities"},
{"content": "Fix medium priority vulnerabilities", "status": "pending", "activeForm": "Fixing medium vulnerabilities"},
{"content": "Fix low priority vulnerabilities", "status": "pending", "activeForm": "Fixing low vulnerabilities"},
{"content": "Verification scan", "status": "pending", "activeForm": "Verifying fixes"},
{"content": "Complete Beads wisp", "status": "pending", "activeForm": "Completing wisp"}
]
Invoke security-scanner via Task tool:
subagent_type: "security-scanner"