GitHub AgentHQ launched recently with a handful of first-wave partner agents. Bright Security (DAST vendor) is one of them, their agent scans your PRs for security vulns, validates exploitability, and opens fix commits directly in the PR. It's a single-button install from the Marketplace, free to try with no commitment. Worth a look if you're already in the Copilot / GitHub Agents ecosystem.