Skip to main content
Neo’s built-in agents cover broad security use cases out of the box. Custom agents let you go further: defining exactly how an agent should behave for a specific workflow, what tools it should use, and what output you expect. The result is an agent purpose-built for your team and objectives.

Why create a custom agent

Every security team operates differently. You have internal tools, specific target environments, and methodologies shaped by your objectives. Custom agents let you codify that specificity into a reusable agent that any team member can deploy in any task. Neo already learns and adapts through compound memory. Custom agents complement that by giving you direct control over an agent’s behavior for a particular use case, so it operates exactly as intended from the first run.

When to create a custom agent

You have internal tools or proprietary infrastructure. If your team uses internal scanners, custom scripts, or proprietary APIs, a custom agent can be configured to incorporate those tools as part of its standard workflow. You need consistent methodology across the team. A custom agent standardizes the approach: everyone on the team gets the same methodology, the same reporting format, and the same depth without having to coordinate it manually. You’re running the same assessment type repeatedly. Recurring engagements like quarterly pentests, release-gate security reviews, or continuous compliance checks benefit from a purpose-built agent that operates with a defined scope, criteria, and expected output from the start. You want to encode institutional knowledge. Senior team members carry expertise that newer members are still building. Custom agents let you capture that knowledge and make it available to the whole team, consistently.

What it enables

Precision for your use case. A custom agent built for a specific workflow knows exactly what to prioritize, which tools to reach for, and what output format to produce. Team-wide consistency. Everyone operates from the same baseline: same methodology, same standards, same output format across every task and every team member. Faster onboarding. New team members can run effective assessments from day one using agents that already embody your team’s approach. Deeper coverage where it matters. A custom agent built around your specific stack, threat model, or compliance requirements focuses where generic agents would spread effort broadly.

Anatomy of a custom agent

Every custom agent Neo builds has the same structure:
  • System context: defines the agent’s role, scope, and rules. This is the core instruction set that shapes how the agent thinks and operates.
  • When to use: describes the situations this agent is best suited for, so Neo knows when to select it automatically during a task.
  • Custom tools: purpose-built tools with defined command templates and parameters, created specifically for what this agent needs to do.
  • Native tools: built-in platform capabilities the agent can draw on, such as web search, command execution, file read/write, and script execution.
  • Installation commands: commands to set up any dependencies the agent requires in the sandbox before it runs.
  • Verification commands: commands to confirm the installation succeeded and required tools are available.
  • Metadata: capabilities, tags, version, and a unique agent ID for referencing the agent in tasks and automations.

How to create a custom agent

You create a custom agent by prompting Neo directly: describe the agent you want, what it should focus on, and how it should behave. Neo researches your requirements, determines the right tools for the job, and builds the agent accordingly. You can be as specific or as high-level as you like: Neo fills in the gaps based on what makes sense for your use case. For example: 
Create an agent that audits our internal Django apps for broken access
control and IDOR. It should clone the repo I give it, run Semgrep with our
ruleset, map the routes to permission checks, and report findings grouped
by severity. Use it whenever I point it at one of our backend repos.
The result is saved as a reusable agent in your account, ready to use in any task.

Sharing custom agents

Custom agents can be shared with your team, making them available to everyone in your account. You can also publish agents to the Neo community, where other security teams can discover and use them.