Feature Guide

Generate Spec for AI Tools

Export your vulnerability scan results as structured JSON. Feed it into Cursor, Lovable, Bolt, or any AI coding assistant to get intelligent fixes.

Why Generate Spec?

Give AI the Context It Needs

AI tools work best with precise context. The Generate Spec feature exports everything an AI needs to understand and fix your security issues.

Give AI Exact Context

Instead of vague descriptions, provide AI tools with precise file paths, line numbers, and code snippets for each vulnerability.

Filter What Matters

Focus on critical issues first, or tackle everything at once. Filter by severity and scanning tool to create targeted fix lists.

Structured JSON Format

Machine-readable JSON that any AI tool can parse. Includes severity, rule IDs, messages, code snippets, and fix suggestions.

Works with Any AI Tool

Use with Cursor, Lovable, Bolt, GitHub Copilot, Claude, ChatGPT, or any AI coding assistant that accepts context.

The Guide

6 Steps to Your Spec File

From scan to JSON in under a minute. Here's how to generate your vulnerability spec.

1. Run a Security Scan

First, connect a GitHub repository to CursorGuard and run a security scan. The scan will analyze your code using Semgrep, ESLint security plugins, and our AI-powered Claude analysis.

Pro Tip

You can trigger scans manually or set up automatic scanning on every push to your repository.

2. Open the Scan Results

Once the scan completes, navigate to the scan detail page. You'll see a summary of vulnerabilities organized by severity (Critical, High, Medium, Low) and by scanning tool.

Pro Tip

Review the vulnerability list to understand what issues were found before generating your spec.

3. Click "Generate Spec"

In the scan results header, find the "Generate Spec" button. This opens a drawer where you can customize which vulnerabilities to include in your export.

Pro Tip

The button is located near the top of the scan detail page, next to other action buttons.

4. Filter by Severity

Select which severity levels to include: Critical, High, Medium, and/or Low. Each severity shows a count of matching vulnerabilities so you can make an informed choice.

Pro Tip

For AI fixes, start with Critical and High severity issues; they're the most impactful.

5. Filter by Tool/Source

Choose which scanning tools to include: Semgrep (pattern matching), ESLint (JavaScript/TypeScript rules), or Claude AI (contextual analysis). Each tool catches different types of issues.

Pro Tip

Claude AI findings often include more detailed fix suggestions since they're context-aware.

6. Download the JSON Spec

Click "Generate Spec" to download a `vulnerability-spec.json` file. This structured JSON contains everything an AI tool needs to understand and fix your security issues.

Pro Tip

The file downloads instantly—no processing wait time required.

The Output

What's in the JSON Spec?

A structured format that gives AI tools everything they need to understand and fix each vulnerability.

vulnerability-spec.json
{
  "generated_at": "2025-01-20T14:30:00.000Z",
  "total_vulnerabilities": 3,
  "filters_applied": {
    "severities": ["critical", "high"],
    "tools": ["semgrep", "claude-ai"]
  },
  "vulnerabilities": [
    {
      "id": "vuln-001",
      "severity": "critical",
      "rule_id": "javascript.express.security.audit.xss.mustache-escape.template-unescaped-with-safe",
      "rule_name": "XSS via unescaped template",
      "file_path": "src/components/UserProfile.tsx",
      "line_start": 45,
      "line_end": 47,
      "message": "Unescaped user input rendered in template may allow XSS attacks",
      "code_snippet": "dangerouslySetInnerHTML={{ __html: user.bio }}",
      "fix_suggestion": "Sanitize HTML content using DOMPurify before rendering: dangerouslySetInnerHTML={{ __html: DOMPurify.sanitize(user.bio) }}",
      "tool": "semgrep"
    },
    {
      "id": "vuln-002",
      "severity": "high",
      "rule_id": "hardcoded-api-key",
      "rule_name": "Hardcoded API Key",
      "file_path": "src/lib/stripe.ts",
      "line_start": 12,
      "line_end": 12,
      "message": "API key appears to be hardcoded in source code",
      "code_snippet": "const STRIPE_KEY = 'sk_live_xxx...'",
      "fix_suggestion": "Move API keys to environment variables: const STRIPE_KEY = process.env.STRIPE_SECRET_KEY",
      "tool": "claude-ai"
    }
  ]
}

Metadata

Timestamp, total count, and which filters were applied during export.

Location

Exact file path and line numbers so AI knows where to make changes.

Fix Suggestions

Pre-analyzed recommendations that AI can use as a starting point.

AI Integration

Use with Your Favorite AI Tool

The JSON spec works with any AI coding assistant. Here's how to use it with popular tools.

Cursor

How to use:

  1. Open your project in Cursor
  2. Open the AI chat panel (Cmd/Ctrl + L)
  3. Paste the JSON content or reference the file
  4. Ask: "Fix the vulnerabilities in this spec"

Example prompt:

I have a security scan spec with vulnerabilities. Please review each issue and provide fixes:

[paste JSON here]

For each vulnerability, show me the fix and explain why it's more secure.

Lovable

How to use:

  1. Open your Lovable project
  2. Reference the vulnerability spec in chat
  3. Ask Lovable to fix security issues
  4. Review and accept the suggested changes

Example prompt:

My security scan found these vulnerabilities in my project. Please fix each one:

[paste JSON here]

Make sure to address all critical and high severity issues first.

Bolt

How to use:

  1. Open your Bolt project
  2. Share the vulnerability spec in chat
  3. Request fixes for each issue
  4. Test the changes in preview

Example prompt:

Here's a security vulnerability spec from CursorGuard. Please fix these issues in my codebase:

[paste JSON here]

Focus on the file paths and line numbers provided.

Copy & Paste

Universal Prompt Template

Use this template with any AI coding assistant to get consistent, high-quality fixes.

I have a security vulnerability spec from CursorGuard. Please analyze each vulnerability and provide fixes.

For each issue:
1. Explain the security risk
2. Show the fixed code
3. Explain why the fix is more secure

Here's my vulnerability spec:

[Paste your JSON spec here]

Start with the critical and high severity issues first.

Pro Tips

Get Better Results

Start Small

Filter to just critical issues first. AI tools work better with focused context than overwhelming lists.

Review Each Fix

AI suggestions are a starting point. Always review changes for your specific codebase context.

Rescan After Fixes

Run another CursorGuard scan after applying fixes to verify the vulnerabilities are resolved.

Use Claude AI Findings

Include Claude AI tool results—they often have the most detailed fix suggestions already built in.
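
The spec's `code_snippet` field copies source lines verbatim, so a hardcoded-key finding carries the key itself into whichever AI tool receives the paste. The Node.js script below is an added example, not CursorGuard's code: it filters a spec to the chosen severities, orders it most severe first, and redacts secret-like literals before the JSON goes into a prompt. The function names, the secret patterns, and the `vuln-003` entry are assumptions of this example.

```javascript
// Added example. Field names follow the sample vulnerability-spec.json above;
// function names and the secret patterns are assumptions of this example.
const SEVERITY_ORDER = ["critical", "high", "medium", "low"];
const SECRET_PATTERNS = [                       // constructed, not exhaustive
  /\b(?:sk|rk)_(?:live|test)_[A-Za-z0-9]+/g,    // Stripe-style secret keys
  /\bAKIA[0-9A-Z]{16}\b/g,                      // AWS access key IDs
  /\bgh[pousr]_[A-Za-z0-9]{36,}\b/g,            // GitHub tokens
];

function redact(text) {
  return SECRET_PATTERNS.reduce(
    (s, re) => s.replace(re, "[REDACTED]"), String(text ?? ""));
}

// Keep only the chosen severities, order most severe first, strip secrets.
function prepareSpec(spec, allowed = ["critical", "high"]) {
  if (!Array.isArray(spec.vulnerabilities)) {
    throw new Error("spec.vulnerabilities must be an array");
  }
  const warnings = [];
  if (spec.total_vulnerabilities !== spec.vulnerabilities.length) {
    warnings.push(`total_vulnerabilities is ${spec.total_vulnerabilities}, ` +
      `but ${spec.vulnerabilities.length} entries are present`);
  }
  const findings = spec.vulnerabilities
    .filter((v) => allowed.includes(v.severity))   // filter() copies, so sort() is safe
    .sort((a, b) =>
      SEVERITY_ORDER.indexOf(a.severity) - SEVERITY_ORDER.indexOf(b.severity))
    .map((v) => {
      const clean = { ...v, code_snippet: redact(v.code_snippet),
                      fix_suggestion: redact(v.fix_suggestion) };
      if ((clean.code_snippet + clean.fix_suggestion).includes("[REDACTED]")) {
        warnings.push(`${v.id}: secret-like value redacted`);
      }
      return clean;
    });
  return { findings, warnings };
}

// Constructed sample, trimmed from the spec shown on this page.
const sampleSpec = {
  total_vulnerabilities: 3,
  vulnerabilities: [
    { id: "vuln-002", severity: "high", code_snippet: "const STRIPE_KEY = 'sk_live_xxx...'" },
    { id: "vuln-001", severity: "critical", code_snippet: "dangerouslySetInnerHTML={{ __html: user.bio }}" },
    { id: "vuln-003", severity: "low", code_snippet: "console.log(err)" },
  ],
};
console.log(JSON.stringify(prepareSpec(sampleSpec), null, 2));
```

A redaction warning means the key is in the repository history as well as the spec, so moving it to an environment variable does not make the old value safe to keep using.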

Ready to Start?

Scan Your Code, Generate Your Spec

Get started with CursorGuard today. Run your first scan, export your vulnerability spec, and let AI help you build more secure software.

Free tier available. No credit card required.