March 2026
We are excited to introduce the latest features and enhancements in Endor Labs.
Endor Labs Skills Beta New
Endor Labs Skills are pre-built AI agent instructions that automate common security workflows using endorctl. Skills provide structured prompts that guide your AI coding assistant through tasks like installing and configuring endorctl, authenticating with identity providers, scanning repositories for vulnerabilities, and running secrets and SAST scans. Skills are available for Claude Code and Cursor.
For more information, see Skills.
Endor Labs MCP server support for additional platforms Beta Enhancement
The Endor Labs MCP server now supports Claude Code, OpenAI Codex, Devin, Augment Code, and IntelliJ IDEA, in addition to the previously supported Cursor, Visual Studio Code, and Gemini CLI platforms. You can integrate the MCP server into your preferred AI-powered development workflow to scan code in real-time and catch security issues before they reach production.
For more information, see MCP Server.
Scala Bzlmod support for Bazel repositories New
Endor Labs now supports software composition analysis for Scala projects in Bazel repositories that use Bzlmod for external dependency management. Bzlmod support requires Bazel aspects with rules_scala >= 5.0.0.
For more information, see Bazel and Bazel Aspects.
Bitbucket Data Center App PR scans Beta New
The Endor Labs Bitbucket Data Center App now supports automated pull request scanning for security vulnerabilities, policy violations, and exposed secrets. You can also configure PR comments directly on your pull requests when issues are detected, helping developers address security concerns before merging code.
For more information, see Bitbucket Data Center App PR scans.
Snooze findings New
You can now snooze findings to temporarily dismiss them and choose when they should reappear, making it easier to defer action on findings without creating permanent exception policies.
For more information, see Snooze findings.
Dismiss findings using ignore files New
You can use an ignore file in your repository to exclude specific findings from scan results. The file is read during a scan and applies only to the repository version that contains it. Entries that match the file are excluded from the findings view and do not trigger action policies.
For more information, see Dismiss findings using an ignore file and Allow ignore files to dismiss findings.
Container registry scanning Beta New
Endor Labs now supports scanning container images directly from container registries.
Use endorctl container registry commands to:
- Discover container images across repositories.
- Apply filters to control the scan scope.
- Create and reuse scan plans for repeated scans.
For more information, see Container registry scanning.
Feedback
Was this page helpful?
Thanks for the feedback. Write to us at support@endor.ai to tell us more.
Thanks for the feedback. Write to us at support@endor.ai to tell us more.