Agentic AI Workflow

This guide explains how to configure an IDE or Agentic Workflow client to communicate with a deployed Model Context Protocol (MCP) server for use with SD Elements.

Once configured, your client (IDE plugin, local script, or agent) can securely interact with SD Elements to enable agentic security workflows over HTTP.

Overview

Security requirement generation in SD Elements has traditionally relied on structured workflows, including questionnaires, predefined mappings, and human review cycles. These approaches provide consistency and control, but can require repeated effort as applications evolve and teams scale. Agentic AI introduces a new way to interact with these existing workflows.

Agentic Workflow

Enables AI agents to perform context-aware, multi-step actions across SD Elements projects and security workflows for automation and assistance.

Model Context Protocol (MCP)

A standardized, secure, and auditable way for AI agents to interact with SD Elements while respecting existing permissions and governance controls.

Using Model Context Protocol (MCP), AI agents can connect to SD Elements and perform actions on behalf of a user through a defined set of tools. This allows users to generate, review, and update security artifacts — such as projects and security requirements — using natural language prompts or predefined workflow prompts.

This does not replace existing SD Elements capabilities. Instead, it provides an additional interaction model that can assist with common tasks, reduce repetitive steps, and surface relevant information more quickly.

Why Deploy Agentic AI Workflow?

Agentic Workflow allows teams to bring SD Elements directly into their AI-assisted development workflow.

Once deployed, developers and security teams can:

  • Interact with SD Elements from their IDE or AI client

  • Plan and configure projects using real repository context

  • Update requirements as code evolves

  • Validate policy alignment without leaving their workspace

  • Generate summaries or cross-project insights on demand

Instead of manually navigating SD Elements, users can leverage AI agents to perform structured, permission-aware actions through MCP.

How Teams are Using Agentic AI

Once deployed and connected to an AI client, Agentic Workflow becomes part of the team’s daily development process.

Developers can:

  • Plan new projects directly from repository context

  • Update security requirements as code evolves

  • Run surveys without leaving their IDE

  • Validate policy alignment during development

Security Teams can:

  • Review and adjust project configurations at scale

  • Maintain alignment to evolving policies

  • Analyze security posture across multiple projects

  • Generate executive-ready summaries

Suggested Workflow

The following example demonstrates how a developer might use Agentic Workflow with a repository through a supported AI client.

Plan a New Project from a Repository

  1. Start a new agent session in your AI client.

  2. Select Agent Mode (or equivalent) and choose your preferred model.

  3. Ensure your terminal or workspace is pointed at the target code repository.

  4. Copy and paste the "Model in SDE" prompt into the agent.

  5. Allow the agent to complete the workflow.

Validate the Project in SD Elements

After execution, confirm:

  • A new SD Elements project was created (or updated) successfully.

  • Survey responses include expected comments.

  • Publishing the survey generated the corresponding countermeasures.

  • The correct project profile appears in the Overview tab.

Implement Countermeasures

  1. (Optional) Start a new agent session for clarity.

  2. Copy and paste the "Implement Countermeasures" prompt.

  3. Allow the agent to complete the updates.

Validate the Updates

Confirm that:

  • Countermeasure statuses were updated as expected.

  • Each countermeasure includes a contextual note.

Recommended Best Practices on Workflow

  • Review agent-generated changes before committing updates.

  • Use separate agent sessions for major workflow steps when possible.

  • Larger, more capable models typically perform better for complex repositories.

Supported AI Clients and Agents

The SD Elements MCP Server is compatible with MCP-capable AI clients and agents. The following have been fully validated:

Validated Clients and Agents:

Client Type Agent Validated Models

Cursor

IDE

Gemini 3.1, Claude Opus 4.6, Codex 5.3, GPT 5.2

Claude Code

CLI Agent

Claude Opus 4.6

VS Code

IDE

GitHub Copilot

GPT 5.2
Larger, more capable models generally produce better results for multi-step agentic workflows. Other MCP-capable clients may work but have not yet been fully validated.

Other MCP-capable clients may work but are not yet fully validated.

  • Claude Desktop (Requires Proxy Configurations)

results matching ""

    No results matching ""