The agentic security engineer
Your overloaded security team just got a new hire — one that covers the full vulnerability detection process relentlessly and autonomously, 24/7
Part of the
Everything your team ships
reviewing acme · 47 today
46 cleared · audit-logged
1 needs you
SSRF · acme/api /api/proxy · verified against staging
Fix sent to CursorPR #1285 opened with the patch · ready to merge
Mythos-ready security for your codebase
Read the full replication study →Using public models - GPT-5.4 and Claude Opus 4.6 - in an open-source coding agent, our research team reproduced three of four representative Anthropic Mythos findings, including the flagship FreeBSD remote-root NFS bug. The same engine now reviews every PR your team opens.
Representative findings reproduced
Flagship FreeBSD NFS bug
No special access required
Kernel OOB read in netfilter H.323 ASN.1 decoder
decode_int() called get_uint() without bounds-checking a length value read from a CONS-encoded H.323/RAS packet, causing a 1-4 byte slab-out-of-bounds read in the kernel.
Critical·CVSS 9.1Kernel OOB read in netfilter H.323 Q.931 decoder
DecodeQ931() decremented a wire-supplied 16-bit length without checking for zero, wrapping to -1. The kernel decoder then read far past the buffer - network-reachable, no auth required.
Broken access controlProxy auth key reused across sandboxes
Proxy auth keys were cached without scoping to the sandbox ID, opening a path to unauthorized access to other sandboxes.
VIDOCIdentify
VIDOC reviews every pull request and surfaces the vulnerabilities that matter.
Verify
Every critical finding is checked for real exploitability before it reaches your team.
Patch
VIDOC gives your team a PR-ready fix prompt for fast engineering review.
