Code Agents

Code Agents

Code agents — Cursor and Claude Code, and similar AI-powered coding assistants — operate directly inside developer IDEs and workstations. They read and write files, execute shell commands, and interact with MCP servers. The attack surface is the local development environment, not a network endpoint.

Highflame secures code agents through a local daemon that hooks into IDE and shell activity. It enforces policies in real time with no network round-trips and no gateway in the data path. Detection covers prompt injection, dangerous shell commands, credential file access, supply chain attacks via poisoned MCP tool descriptions, and more.

Key characteristics:

• IDE-agnostic — one daemon, universal hooks; works with Cursor and Claude Code

• No proxy or gateway required — runs as a local system service, adding no latency to normal development workflows

• MCP scanning — discovers and scans MCP servers configured in the IDE for tool poisoning, path traversal, injection vectors, and other MCP-specific vulnerabilities

• Full visibility — code agent sessions, threats, and MCP usage appear in Highflame Studio and Observatory alongside gateway and browser activity

Start here: Code Agents → Quick Start

For policies and threat response: Code Agent Policies · Threat Response