AI News HubLIVE
In-site rewrite5 min read

VulnHunter: Agentic AI Security Tool

VulnHunter is an open-source, agentic AI security tool that applies proactive, attacker-first analysis directly to source code. It identifies exploitable vulnerabilities, reduces false positives, and provides evidence-backed fixes.

SourceHacker News AIAuthor: 882542F3884314B

Uh oh!

There was an error while loading. Please reload this page.

Notifications You must be signed in to change notification settings

Fork 15

Star 69

BranchesTags

Open more actions menu

Folders and files

NameName

Last commit message

Last commit date

Latest commit

History

14 Commits

14 Commits

harness

harness

vulnhunt-fix-verify

vulnhunt-fix-verify

vulnhunt

vulnhunt

vulnhunter-agent

vulnhunter-agent

vulnhunter-fix

vulnhunter-fix

.gitignore

.gitignore

.oss-sync.json

.oss-sync.json

CODEOWNERS

CODEOWNERS

CONTRIBUTING.md

CONTRIBUTING.md

LICENSE

LICENSE

README.md

README.md

SECURITY.md

SECURITY.md

install.sh

install.sh

uninstall.sh

uninstall.sh

Repository files navigation

From pattern-matching to provability.

VulnHunter is an open-source, agentic AI security tool that applies proactive, attacker-first analysis directly to source code.

Unlike traditional, passive SAST scanners that flag suspicious patterns and often cause false positives, VulnHunter reasons like an adversary. It identifies which defects are actually exploitable, maps prospective attack paths, and proposes targeted, evidence-backed fixes.

Modern software supply chains are deeply interconnected. A single vulnerability in a widely-used open-source component can ripple across thousands of enterprises simultaneously.

Developed internally at Capital One, VulnHunter is released to the community because no single organization can solve this challenge alone.

Warning

Cyber-safeguard disclaimer VulnHunter performs dual-use cybersecurity work (vulnerability discovery and exploitation). If you run it against an Anthropic account that is not enrolled in Anthropic's Cyber Verification Program, real-time cyber safeguards may block requests and your usage may be flagged for cyber abuse. If you intend to use VulnHunter on Anthropic's first-party platforms (Claude API / Claude Code), we strongly recommend enrolling first via the verification portal.

Important

Prerequisites & Model Requirements Built and optimized for Claude Opus running in Claude Code. The framework depends on deep, multi-step reasoning and requires frontier Opus-class models. You supply your own model access.

Why VulnHunter is Different

Attacker-First Forward Analysis: Conventional tools often leverage "sink-first" analysis, looking at potentially dangerous code patterns to search backward for a hypothetical attacker, flooding teams with false positives. VulnHunter flips this model to simulate a bad actor's exact journey. It begins at potential attacker-accessible entry points (APIs, network messages, file uploads) and reasons forward to evaluate whether an attacker can truly break through.

Falsification Engine: After finding a potential vulnerability, VulnHunter runs a structured reasoning workflow specifically designed to disprove its own argument. It searches for flawed assumptions, logic gaps, or security controls that would block the attack. It is designed to immediately discard findings that rely on unsupported assumptions. What reaches you is a high-priority, actionable defect.

Evidence-Backed Remediation: When a defect survives the falsification engine, VulnHunter maps the exact exploit path, explains the structural flaw, details the specific capabilities or access an attacker would gain, and generates focused, targeted code changes for review.

The Closed Loop: Hunt → Fix → Verify

VulnHunter ships as three composable Claude Code skills that form a complete, automated remediation loop:

Skill Phase Core Responsibility

/vulnhunt Hunt Maps entry points to dangerous sinks. Filters findings through a multi-stage falsification pipeline (Recon → Parallel Hunt → Adversarial Disprove → Capability Filter). Emits only verified issues with an executable exploit and a proposed fix.

/vulnhunter-fix Fix Developer-led, test-driven remediation. It writes an exploit demo, creates a failing security test (RED), implements the code fix (GREEN), verifies the exploit is blocked without regressions, and cuts a reviewable PR.

/vulnhunt-fix-verify Verify A completely separate, read-only agent that independently validates whether a finding was successfully remediated. It emits a per-finding verdict so fixes are proven, not taken on faith.

Note: For running this loop unattended at scale, vulnhunter-agent/ wraps the scanner in a headless runtime, while harness/ drives it across multiple repositories in batch.

On the naming: the suite is VulnHunter, but the core scanner command is /vulnhunt (and the verifier /vulnhunt-fix-verify) — the shorter form is intentional, not a typo. The /vulnhunter-fix remediation skill and the vulnhunter-agent/ runtime keep the full spelling.

Repository Layout

Each component is organized into a self-contained subtree:

Path Description

vulnhunt/ The core /vulnhunt scanner skill (Prompt-only: SKILL.md + phases). See vulnhunt/README.md.

vulnhunter-fix/ The /vulnhunter-fix skill, its companion Python helper package, and tests. See vulnhunter-fix/README.md.

vulnhunt-fix-verify/ The /vulnhunt-fix-verify standalone verification skill (Prompt-only). See vulnhunt-fix-verify/README.md.

vulnhunter-agent/ Config-driven headless runtime wrapper that runs scans and files GitHub issues. See vulnhunter-agent/README.md.

harness/ Developer tooling for running large batch-scans and benchmarking detection accuracy. See harness/README.md.

Requirements & Setup

Prerequisites

Claude Code CLI, authenticated with access to Claude Opus.

Python 3.12+ (Required only for the runtime agent and the benchmarking harness).

Responsibility Check: Ensure you are only scanning code bases you are explicitly authorized to analyze.

Installation

Clone the repository

git clone https://github.com/capitalone/vulnhunter.git cd vulnhunter

Copy skills into ~/.claude/skills/

./install.sh

(Optional) To clean up or remove installed skills

./uninstall.sh

Note

install.sh copies files directly (rather than symlinking) because symlinks can break find/glob functionality inside subagents. Re-run ./install.sh after pulling updates to refresh your local environment.

Usage Guide

  1. Run the Scanner

claude --model opus --add-dir ~/.claude/skills/vulnhunt --add-dir ~/.claude/skills/vulnhunt/phases

Inside the Claude Code session, invoke:

/vulnhunt

  1. Run the Fixer

The fixer requires git, the GitHub CLI (gh) authenticated to your target repositories, and its Python helpers installed (pip install -e ".[dev]" inside the vulnhunter-fix/ directory).

claude --model opus --add-dir ~/.claude/skills/vulnhunter-fix

Inside the Claude Code session, invoke:

/vulnhunter-fix

See vulnhunter-fix/README.md for advanced operational modes and configuration settings.

  1. Run the Fix Verifier

The verifier runs strictly read-only over trusted roots under a tight tool envelope (Read/Write/Edit/Glob/Grep/Agent—no Bash execution, no network access). The caller must pre-create the output (out) directory.

claude --model opus --add-dir ~/.claude/skills/vulnhunt-fix-verify \ --add-dir ~/.claude/skills/vulnhunt-fix-verify/phases

Inside the Claude Code session, invoke:

/vulnhunt-fix-verify repo= report= fixed=VULN-001,... out= [comments=] [additional_repos=,]

Automation & Scale

Headless Runtime Agent (vulnhunter-agent/)

For non-interactive or CI/CD pipelines, vulnhunter-agent/ wraps the scanner into a headless workflow. It clones targets, executes /vulnhunt, publishes results, and opens GitHub issues for confirmed bugs. It connects natively via the direct Anthropic API.

Review the vulnhunter-agent/README.md for deployment blueprints.

Local Harness (harness/)

The harness/ directory provides workstation-scale developer tooling. To initialize, run cd harness && pip install -e ".[dev]".

Batch Scanning

Manage your target list in harness/local_harness/batch/REPO_LIST.txt (one GitHub URL per line, lines starting with # are ignored):

cd harness python -m local_harness.batch.run scan # Clone and scan every repo in the list python -m local_harness.batch.run scan --resume # Skip repositories already processed python -m local_harness.batch.run status # Monitor progress across your batch python -m local_harness.batch.run collect # Gather all findings for centralized review

Benchmarking Mode

Evaluate scanner accuracy against a known-vulnerable vulnerability corpus (Clone → Scan → LLM-Judge → Tally Metrics):

python -m local_harness.benchmark.run # Execute full benchmark run python -m local_harness.benchmark.run --repos "name" # Benchmark a single target repository python -m local_harness.benchmark.run --tally-only # Re-generate the analytical report only

Bring Your Own Corpus: This repository ships with a minimal synthetic example (harness/local_harness/benchmark/ground_truth/EXAMPLE.json) mapped to public targets like OWASP NodeGoat, Juice Shop, and WebGoat. Build out your own testing suites inside ground_truth/.json. Define your target scanning/judging engines in harness/local_harness/config.py.

Running Tests

Each Python component maintains its own isolated testing suite. Run them using pytest:

cd harness && pip install -e ".[dev]" && python -m pytest tests/ --cov=local_harness cd vulnhunter-fix && pip install -e ".[dev]" && python -m pytest -q cd vulnhunter-agent && pip install -e ".[dev]" && python -m pytest -q

Contributing, Security & License

A Note on Models: VulnHunter was precision-tuned for Claude Opus and Claude Code. Its low false-positive discipline relies heavily on frontier-class reasoning, though the underlying orchestration patterns can be adapted to other advanced foundation models.

Contributing: See CONTRIBUTING.md to propose core framework improvements, prompt updates, or wider model support configurations.

Security: Review SECURITY.md for instructions on how to safely report security vulnerabilities found within VulnHunter itself.

License: Distributed under the terms of the Apache License, Version 2.0. See LICENSE for details.

About

Agentic AI security tool that applies proactive, attacker-first analysis directly to source code.

Resources

Readme

License

Apache-2.0 license

Contributing

Contributing

Security policy

Security policy

Uh oh!

There was an error while loading. Please reload this page.

Activity

Custom properties

Stars

69 stars

Watchers

1 watching

Forks

15 forks

Report repository

Releases

No releases published

Packages 0

Uh oh!

There was an error while loading. Please reload this page.

Contributors

Uh oh!

There was an error while loading. Please reload this page.

Languages

Python 98.9%

Shell 1.1%