
Security Remediation Flow

Trigger

A security gate returns fail because of a critical finding.

Remediation loop

  1. security-agent provides structured finding and required fix criteria.
  2. developer-agent produces patch and tests.
  3. qa-agent verifies regression impact.
  4. security-agent re-checks and issues updated gate decision.

Control requirements

  • Every loop iteration is a distinct run-ledger entry.
  • Max iteration threshold enforced by orchestrator policy.
  • Human security owner required for unresolved critical findings.
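
A sketch of how an orchestrator could enforce these three controls around the loop. This is an added example, not the project's own code: `run_remediation`, `LedgerEntry`, `Outcome`, the agent callables, the threshold of 3 and the sample finding are all hypothetical.

```python
# Added illustration: all names below are hypothetical, not the project's API.
from dataclasses import dataclass, field
from typing import Optional

MAX_ITERATIONS = 3  # assumed orchestrator policy value

# Constructed sample of the structured finding from step 1.
SAMPLE_FINDING = {"id": "FINDING-001", "severity": "critical",
                  "fix_criteria": ["parameterize the query", "add regression test"]}


@dataclass
class LedgerEntry:
    iteration: int
    finding_id: str
    patch_id: str
    qa_passed: bool
    gate: str  # "pass" or "fail"


@dataclass
class Outcome:
    status: str  # "resolved" or "escalated"
    ledger: list = field(default_factory=list)
    owner: Optional[str] = None  # set only on escalation


def run_remediation(finding, develop, qa_verify, recheck, security_owner,
                    max_iterations=MAX_ITERATIONS):
    """Drive steps 2-4 until the gate passes or the threshold is reached."""
    ledger = []
    for i in range(1, max_iterations + 1):
        patch_id = develop(finding, i)   # step 2: patch and tests
        qa_ok = qa_verify(patch_id)      # step 3: regression impact
        # Step 4. Assumption: a failed QA check forces "fail" without a re-check.
        gate = recheck(finding, patch_id) if qa_ok else "fail"
        # One distinct ledger entry per iteration, whatever the result.
        ledger.append(LedgerEntry(i, finding["id"], patch_id, qa_ok, gate))
        if gate == "pass":
            return Outcome("resolved", ledger)
    # Critical finding still unresolved at the threshold: assign a human owner.
    return Outcome("escalated", ledger, owner=security_owner)


if __name__ == "__main__":
    agents = dict(develop=lambda f, i: f"patch-{i}", qa_verify=lambda p: True,
                  recheck=lambda f, p: "pass" if p == "patch-2" else "fail")
    out = run_remediation(SAMPLE_FINDING, security_owner="owner@example.test", **agents)
    print(out.status, [e.gate for e in out.ledger])
```

The ledger entry is appended before the gate decision is acted on, so a failed iteration is recorded just like a passing one.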