Apiiro launches command-line tool to embed security directly into AI coding workflows
Application security company Apiiro has released a command-line interface designed to let AI coding agents access security controls in real time as they generate and modify code.
The move targets a widening gap in modern development. Traditional security tools were built for human code review. AI agents that produce code at scale operate in a different mode entirely, and existing tools struggle to keep pace.
Current security processes remain largely reactive. Teams scan finished code, find problems, and fix them after the fact. That approach breaks down when AI agents generate volumes of code faster than humans can review it.
The Apiiro CLI shifts security earlier by making it directly callable by AI agents during development. Rather than waiting for human oversight, automated systems can check security implications as they write code.
The tool gives AI agents access to Apiiro's application architecture mapping, data flow analysis, and risk inventory. Agents can query this context and apply security policies within continuous integration pipelines.
Six built-in capabilities for different development stages
Apiiro CLI ships with six agent skills-discrete, trigger-based functions that AI assistants like Claude Code and Cursor can invoke autonomously.
- Scan detects secrets and vulnerable dependencies in real time
- Risks provides access to Apiiro's full risk inventory inside the coding environment
- Fix connects findings to automated remediation-upgrading dependencies, removing exposed secrets, or rewriting insecure patterns
- Guardian Agent acts as a context-aware security assistant that answers questions about codebases and risk posture
- AI Threat Modeling applies STRIDE-based analysis before code is written
- Secure-Prompt embeds security requirements into development tasks at the instruction stage, so AI-generated code starts hardened rather than requiring fixes later
The skills are designed to integrate into development workflows without interrupting them. Developers can install the CLI with a single command.
The shift from human-centric to agent-centric security
Shmulik Cohen, an AI engineer at Apiiro, said the company built the tool around a fundamental principle: "Security platforms that weren't designed for AI agents will become irrelevant because AI agents can't interact with them."
Being AI-native means more than using AI inside a platform. It means building a platform that AI can use directly.
Apiiro has raised $135 million across two funding rounds. General Catalyst Group Management, Greylock Partners, and Kleiner Perkins Caufield & Byers are among its investors.
Developers integrating security into AI-assisted workflows may benefit from understanding how AI tools fit into the broader development process. AI for Software Developers covers practical approaches to this integration.
Your membership also unlocks:
