Skip to main content

What Tasks Are For

Unlike assessments, which run fully autonomous penetration tests, tasks let you direct agent teams to carry out specific security work based on your instructions. You describe what you need, monitor progress, and provide input along the way. Task agents are connected to the MindFort platform. They can use the target, scope, guardrails, stored credentials, finding history, knowledge documents, and target-scoped memories already in MindFort while they work. As they investigate, they can keep security context inside the platform instead of scattering it across one-off chats or local notes. Use tasks when the work needs long-horizon investigation, repeated context, specialized security tooling, or human approval before sensitive steps.

Platform Context

MindFort is the home for the security context your agents use:
  • Targets define the application or API being tested.
  • Scope and guardrails define the authorized boundaries for agent work.
  • Credentials and login instructions let agents reach authenticated surfaces.
  • Findings give agents prior evidence, severity, and remediation context.
  • Knowledge Lakes give agents access to uploaded architecture docs, policies, runbooks, and other team knowledge.
  • Target-scoped memories let agents carry forward useful target context across task threads.
This means a task is not just a prompt. It is an agent workflow attached to the same security data platform your assessments, findings, reports, and integrations use.

Task Agent Use Cases

Use task agents for targeted security work such as:
Use CaseExample Prompt
Retest a fixRetest the resolved checkout IDOR finding and confirm whether the fix blocks cross-user access.
Investigate a suspicious surfaceReview the new API documentation in Knowledge Lakes and identify endpoints that may need auth-boundary testing.
Deep-dive a findingUse the evidence from this finding to determine the likely root cause and propose the next validation steps.
Authenticated workflow testingLog in with the stored test credential and check whether billing settings are exposed to the wrong role.
Regression checks after deployAfter the latest release, rerun targeted tests against the password reset and invite flows.
Scope-aware explorationExplore the staging target for exposed admin routes, staying inside the configured include/exclude scope.
Advisory and version researchCheck whether the exposed framework version maps to any relevant CVEs and only report it if the exact version is confirmed.
Remediation planningReview the high severity findings for this target and group them by likely engineering owner and fix path.
Customer or audit prepSummarize the currently resolved findings, remaining open risk, and evidence that should be included in the next report.
Finding follow-upLook at the last three findings on this target, decide what additional evidence would make them easier to fix, and collect it if it is in scope.
Security research from platform contextUse this target's findings and uploaded architecture notes to identify the highest-risk auth flows we should investigate next.
For recurring workflows, save the task as a template and schedule it to run automatically.

When to Use Tasks vs. Other Agent Workflows

Use Tasks when you want MindFort-hosted agents to perform directed security work against a target with platform context, stored credentials, specialized tools, live progress, and approval points. Use Assessments when you want a complete autonomous red-team run. Use Patching when you want MindFort to generate a pull request from a finding. Use MCP when you want your own local AI copilot to read MindFort findings, investigate in your local codebase, and help remediate from inside your editor.

Create and Run a Task

  1. Open Tasks.
  2. Click to create a new task.
  3. Select target.
  4. Optionally select stored credentials.
  5. Enter task description (or choose a quick task template).
  6. Run task.

During Execution

You can monitor:
  • live logs and status
  • generated plan steps
  • approval prompts when input is required
  • final outcome/report content

Save and Reuse Templates

Use templates for repeated workflows:
  • create template from a task prompt
  • run a template against a selected target

Task Schedules

Tasks support schedule automation with:
  • one-time
  • daily
  • weekly
  • monthly
When creating a schedule, set:
  • target
  • optional credential
  • frequency
  • date/time fields
  • timezone

Manage Existing Task Schedules

From task scheduling controls, you can:
  • pause schedules
  • resume schedules
  • delete schedules