
Daily security check

Run a daily security check by scheduling Scout to inspect acme/api, summarize risks, and ask for review when the result needs a human decision.

What you'll build

  • A weekday schedule trigger.
  • A Scout agent step with access to GitHub search tools.
  • A request_review interaction step for the platform lead.

Prerequisites

  • A connected GitHub integration for acme/api.
  • An agent named Scout (agt_scout) with a toolkit that grants github.code.search and read-only repository actions.
  • A Mobius user to receive review interactions.

Build it

  1. In the app, open Build > Loops.
  2. Create a loop named Daily security check.
  3. Add a Schedule trigger for weekdays at 08:30.
  4. Add an agent step named Inspect repository.
  5. Give Scout instructions to search for risky patterns and return a short risk note.
  6. Add an interaction step named Review finding.
  7. Use request_review, any_of, and an input mode so the reviewer can leave notes.
  8. Create the loop as active.

Your loop now produces one daily run and pauses when a human review is needed.

Finished spec

schema_version: "1"
name: daily-security-check
description: Search for risky code patterns and request review.
concurrency: skip
triggers:
  - key: weekday-security-check
    name: Weekday security check
    kind: schedule
    enabled: true
    config:
      cron: "30 8 * * MON-FRI"
      timezone: "America/New_York"
steps:
  - key: inspect
    name: Inspect repository
    kind: agent
    config:
      agent_id: agt_scout
      tool_names:
        - github.code.search
        - github.file.get
      instructions: |
        Search acme/api for risky changes around authentication, API keys,
        billing checks, and webhook verification. Return markdown with a
        risk summary, evidence links, and a recommendation.
    save_as: security_note
  - key: review
    name: Review finding
    kind: interaction
    config:
      protocol: request_review
      targets:
        - usr_platform_lead
      prompt: |
        Review Scout's daily security note. Add follow-up instructions or
        mark it clear.
      resolution_policy: any_of
      spec:
        mode: input
        multiline: true
        placeholder: "Clear, or note the follow-up issue to open."
    timeout:
      duration: 8h
      on_timeout: fail
    save_as: security_review

Run it

Start a manual run once before relying on the schedule. The run should emit these events and then suspend at the review step:

run.started
step.started          step=inspect kind=agent
step.completed        step=inspect
step.started          step=review kind=interaction
interaction.requested step=review
run.suspended

After the reviewer responds:

interaction.responded
wait.resumed
step.completed step=review
run.completed
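
One way to confirm from the event log that the review gate actually held during the manual run. This is an added example, not part of the Mobius documentation; it assumes the events are available as plain text lines in the format shown above, and the function names and the failing sample are constructed.

```python
# Added example. Event names/fields are the ones shown on this page; the rest is constructed.
GOOD_RUN = """
run.started
step.started          step=inspect kind=agent
step.completed        step=inspect
step.started          step=review kind=interaction
interaction.requested step=review
run.suspended
interaction.responded
wait.resumed
step.completed step=review
run.completed
"""
# Constructed failure: the same run with the suspend/response events missing.
SKIPPED = ("run.suspended", "interaction.responded", "wait.resumed")
BAD_RUN = "\n".join(l for l in GOOD_RUN.splitlines() if l not in SKIPPED)

def parse_event(line):
    """Split 'step.started step=review kind=interaction' into (name, fields)."""
    name, *rest = line.split()
    return name, dict(tok.split("=", 1) for tok in rest if "=" in tok)

def check_review_gate(log_text):
    """Return a list of problems; an empty list means the review gate held."""
    problems, pending, suspended = [], [], False
    events = [l for l in map(str.strip, log_text.splitlines()) if l]
    for n, line in enumerate(events, 1):
        name, fields = parse_event(line)
        step = fields.get("step")
        if name == "interaction.requested":
            pending.append(step)
        elif name == "run.suspended":
            suspended = True
        elif name == "interaction.responded":
            if not pending:
                problems.append(f"event {n}: response with no open request")
            else:
                if not suspended:
                    problems.append(f"event {n}: no suspend before response")
                pending.pop(0)  # log line has no step=, so close the oldest
            suspended = False
        elif name == "step.completed" and step in pending:
            problems.append(f"event {n}: {step} completed without a response")
        elif name == "run.completed" and pending:
            problems.append(f"event {n}: run completed, unanswered: {pending}")
    return problems
```

An empty result for the manual run means the interaction step did not complete, and the run did not finish, before a reviewer responded.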

The output should include Scout's note and the review response:

{
  "security_note": "No high-risk changes found. Watch webhook signature tests.",
  "security_review": {
    "value": "Clear. Open a follow-up if webhook fixtures drift again."
  }
}

If this loop becomes noisy, narrow Scout's toolkit or split the check into separate loops by risk area. Security checks are useful only when reviewers trust the signal.

Variations

  • Add github.issue.create after review to open a follow-up issue.
  • Replace the interaction with slack.message.post for a read-only daily digest.
  • Use a run-scoped managed environment if the check needs to clone and inspect a repository filesystem.
