ENDOR LABS LAUNCHES AURI: FREE SECURITY INTELLIGENCE FOR AI CODING AGENTS
Endor Labs launched AURI, a free security intelligence layer for AI coding agents that scans code and dependencies for vulnerabilities, secrets, and malware and...
Endor Labs launched AURI, a free security intelligence layer for AI coding agents that scans code and dependencies for vulnerabilities, secrets, and malware and helps fix issues.
AURI by Endor Labs is now available to everyone, with its Skills plugin, MCP, and CLI offered free for developers. The tools let teams detect vulnerabilities and exposed secrets in first-party code and open source dependencies, block malware attacks, and fix security bugs.
The pitch is to embed security into the architecture of agentic coding across editors, CI pipelines, and cloud environments, keeping pace with AI-written and AI-reviewed code. For backend and data teams trialing agents in the SDLC, AURI offers a standard way to gate risky changes and automate remediation early in the pipeline.
AI-generated code expands the attack surface, and an agent-aware security layer helps catch issues before merge and deploy.
Free availability lowers adoption friction to standardize scanning and blocking across repos and pipelines.
-
terminal
Run the AURI CLI in CI on representative services to baseline detection quality, noise, and build-time overhead.
-
terminal
Validate MCP/Skills plugin behavior with your AI agents and IDEs to ensure secrets/vuln blocking doesn’t disrupt developer flow.
Legacy codebase integration strategies...
- 01.
Map current SAST/dependency scanners and pilot AURI alongside them in a non-prod pipeline to gauge overlap and coverage gaps.
- 02.
Start with one service to tune secrets and dependency policies, integrate findings into your existing triage/backlog process, and measure false-positive rates.
Fresh architecture paradigms...
- 01.
Bake AURI CLI and MCP hooks into repo templates and CI from day one to create a default-secure agent workflow.
- 02.
Define standard remediation playbooks and agent permissions so AI-authored changes remain auditable and policy-enforced.