The Surprising Truth About GPT-5 in Cursor's Agent Mode

In this video, I test out GPT-5 by asking it to build a simple and secure Node.js notes app that lets users create, read, update, and delete notes. I run two experiments — one without a security MCP server and one with it — to see how well the new model handles both functionality and security.

Use Snyk for free to find and fix security issues in your applications today! https://snyk.co/ugLYn

✍️ Resources ✍️
Snyk MCP Server: https://snyk.co/mcp-docs
Snyk Advisor: https://snyk.co/advisor
GitHub Repo: https://github.com/clarkio/ai-code-security

⏲️ Chapters ⏲️

00:00 - Intro

00:43 - Test without a security MCP server

02:34 - Security checking

03:45 - Test WITH a security MCP server

05:51 - How to use Snyk Advisor

06:42 - Test results (with MCP server)

09:21 - Security check

09:36 - What did we learn?

10:31 - Conclusion and outro

⚒️ About Snyk ⚒️

Snyk helps you find and fix vulnerabilities in your code, open-source dependencies, containers, infrastructure-as-code, software pipelines, IDEs, and more! Move fast, stay secure.

Learn more about Snyk: https://snyk.co/ugLYl

📱 Connect with Us 📱

🖥️ Website: https://snyk.co/ugLYl
🐦 X: http://twitter.com/snyksec
💼 LinkedIn: https://www.linkedin.com/company/snyk
💬 Discord: https://discord.gg/devsecops-community-918181751526948884

• ️ Subscribe: https://www.youtube.com/c/SnykSec
• 🔥 We're hiring! Check our open roles: https://snyk.co/ugLYp

🔗 Hashtags 🔗
#DevSecOps #aicodingtools #aicoding