AI-powered vulnerability scanner that uses coding agents to perform deep security analysis of codebases — regex-based candidate matching followed by LLM-driven investigation, with support for distributed execution and PR diff review.
Uses a two-phase approach: fast regex matchers narrow the code down to suspicious patterns, then AI agents investigate each candidate at maximum capability. Supports full repo scans and targeted PR diff reviews. Resumable: automatically skips already-analyzed files if interrupted.
Designed for on-demand security audits of large codebases where traditional static analysis misses subtle vulnerabilities. Runs locally with Claude/Codex subscriptions or scales via Vercel AI Gateway with sandbox-based distributed workers.
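
A minimal sketch of the two-phase flow and resume behaviour described above, added here as an illustration and not taken from the project's code. The matcher patterns, the `.scan-state.json` file, skipping by content hash, and the `investigate` callback (a stand-in for the agent call) are all assumptions.

```python
import hashlib, json, re, tempfile
from pathlib import Path

# Hypothetical matchers: assumptions for illustration, not the scanner's rule set.
MATCHERS = {
    "command-exec": re.compile(r"\bos\.system\(|shell\s*=\s*True"),
    "unsafe-deserialize": re.compile(r"\bpickle\.loads?\(|\byaml\.load\("),
    "sql-string-build": re.compile(r"\.execute\(\s*f[\"']"),
}

def find_candidates(rel_path, text):
    """Phase 1: cheap regex pass that flags lines worth a deeper look."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for rule, pattern in MATCHERS.items():
            if pattern.search(line):
                hits.append({"file": rel_path, "line": lineno, "rule": rule,
                             "snippet": line.strip()})
    return hits

def scan(root, state_file, investigate):
    """Phase 1 over root, phase 2 via investigate; checkpoints finished files."""
    done = json.loads(state_file.read_text()) if state_file.exists() else {}
    results = []
    for path in sorted(root.rglob("*.py")):
        rel = path.relative_to(root).as_posix()
        text = path.read_text(errors="replace")
        digest = hashlib.sha256(text.encode()).hexdigest()
        if done.get(rel) == digest:      # analyzed before and unchanged: skip
            continue
        results += [investigate(c) for c in find_candidates(rel, text)]
        done[rel] = digest
        state_file.write_text(json.dumps(done))  # checkpoint after every file
    return results

def demo():
    """Constructed sample repo: one risky file, one clean file."""
    root = Path(tempfile.mkdtemp())
    (root / "app.py").write_text("import os, pickle\ndef run(cmd):\n    os.system(cmd)\n"
                                 "def load(blob):\n    return pickle.loads(blob)\n")
    (root / "util.py").write_text("def add(a, b):\n    return a + b\n")
    state = root / ".scan-state.json"
    first = scan(root, state, lambda c: c)   # lambda stands in for the LLM agent
    return root, state, first

if __name__ == "__main__":
    print(demo()[2])
```

Writing the state file after every file means an interrupted run repeats at most the file it was working on, and a file that changes after being analyzed is picked up again on the next run.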