Antigravity guide
Add Snyk Studio to Google Antigravity to secure code generated with agentic workflows through a Large Language Model (LLM). This can be achieved in several ways. When you use it for the first time, Snyk Studio will ask for trust and trigger authentication if necessary.
Install Antigravity
Visit the Google Antigravity website to download the correct version of the IDE.
Install using the Snyk Studio plugin
The Snyk MCP server cannot be manually installed. Use the Snyk Security plugin in Google Antigravity.
Click this link to open the Snyk Security plugin in Google Antigravity directly.
Click Install.
If asked to trust the publisher, select Trust Publisher & Install.

Set up Snyk Studio
Enable "Secure At Inception"
When installation completes, a modal prompts you to opt in to Snyk Studio's "Secure at inception". Opting in automatically configures the rules needed to scan any new AI-generated code. Additional options are available on the Settings page for the plugin.

Authenticate
When you have made a selection regarding Secure at inception, you will be asked to authenticate. You can authenticate at two points in this process:
Immediately after plugin install
Before your first Snyk code scan
As part of the authentication flow, you will be asked to either sign up or sign in on the Snyk website. A browser window will open.
For new users, select the preferred sign up method and agree to the terms on the next screen. On successful authentication, you will be instructed to return to your IDE.
For existing users, select the login method associated with your account. If you do not have access to Snyk Code, your LLM will prompt you to enable it prior to your first scan. You can also enable it directly in Snyk's Settings.
Run Snyk Studio
Once you have authenticated, Snyk Studio is triggered whenever the LLM generates new code. If Snyk Studio is not enabled, restart your IDE and try generating code again.
Examples
Scanning for security vulnerabilities
In the chat, you can tag specific files or functions and ask [add MCP guide name] to scan your code so that it can be deployed to production safely:
Scan this directory for code security & dependency vulnerabilities and security issues
Google Antigravity indicates that this request is related to security vulnerability scanning and calls the Snyk MCP Server for various scans.
Google Antigravity is then able to gather all the security scanning results, both code (SAST) and dependencies (SCA). Based on the recommendations and contextual information provided by the Snyk MCP Server, it can provide code changes that address some or all of the security vulnerabilities that were found.
"Secure at inception" rules
To practice Secure at inception, Snyk recommends adopting rules that align the LLM for secure code generation and workflows.
The following is a suggested instruction for Google Antigravity's rules if you choose to implement them on your own instead of controlling them through Snyk's Secure at inception setting. Add these to your environment's global rules file; otherwise you must add them again in every project.
Always run Snyk Code scanning tool for new first party code generated.
Always run Snyk SCA scanning tool for new dependencies or dependency updates.
If any security issues are found based on newly introduced or modified code or dependencies, attempt to fix the issues using the results context from Snyk.
Rescan the code after fixing the issues to ensure that the issues were fixed and that there are no newly introduced issues.
Repeat this process until no issues are found.

