This project is an AI-powered security agent that reviews application code and cloud infrastructure files to automatically detect vulnerabilities, map them to industry standards like CWE and CVSS, and generate fixes that can be applied directly. What makes it different is that the results are validated by real security scanners like Semgrep and Checkov, so the output is not just AI guessing but actually verified.