Agentic Offensive Security at Scale on Autopilot

/loop 30m Start the "Agentic Offensive Security at Scale on Autopilot" loop.

Inspired by Hex Security (https://hex.co?utm_source=bookface&utm_medium=referral&utm_campaign=hex-security-profile).

Goal: open work triaged, exceptions owned, and core security workflow current with audit trail
Max iterations: 20
Between iterations run: Report open queue items, stale tasks, failed automations, and items awaiting human approval for Hex Security
Exit when: zero open items without owner or explicit escalation, all external actions approved or sent, and systems of record current

Step 1 — Scan surface: Discover assets, agents, endpoints, and exposure across the environment.
Step 2 — Test and validate: Run adversarial or policy checks; prove impact with graph context.
Step 3 — Triage findings: Rank by severity; assign owners and remediation plans.
Step 4 — Remediate safely: Draft fixes grounded in real config; require approval for prod changes.
Step 5 — Verify and close: Confirm fix landed; preserve audit trail from finding to resolution.

## Before you start

Connect plugins:
- GitHub (required) — Read branches, PRs, reviews, checks, workflow runs, and source diffs.

Attach skills:
- Loop runner (required) — Self-pace iterations, run the check between passes, and stop only on the exit condition.
- Code change + local verification (optional) — Edit code safely, run commands, and keep changes scoped.
- CI debugging (optional) — Read failing checks, logs, and the smallest actionable root cause.
- Approval workflows (optional) — Keep outbound actions in draft or approval states when risk is non-trivial.
- Security triage (optional) — Assess alerts, prioritize patches, and avoid unsafe shortcuts.

Self-pace this loop. After each iteration, run the check command, read the output, and only continue if the exit condition is not met. Stop when the exit condition passes or max iterations is reached. Give a short status update each pass.