{"slug": "arm-open-sources-ai-powered-security-code-review", "title": "ARM Open Sources AI-Powered Security Code Review", "summary": "Arm's Product Security Team has released Metis, an open-source AI security framework that uses large language models to perform deep reasoning and context-aware code reviews for detecting subtle vulnerabilities. The tool supports multiple programming languages including C, C++, Python, Rust, and Go, and can validate findings from third-party static analysis tools to reduce false positives. Metis aims to help engineers improve secure coding practices and reduce review fatigue, particularly in large, complex, or legacy codebases where traditional tooling often falls short.", "body_md": "Metis is an open-source, agentic AI security framework for deep security code review, created by [Arm's Product Security Team](https://www.arm.com/products/product-security). It helps engineers detect subtle vulnerabilities, improve secure coding practices, and reduce review fatigue. This is especially valuable in large, complex, or legacy codebases where traditional tooling often falls short.\n\n**Metis** is named after the Greek goddess of wisdom, deep thought and counsel.\n\n**Key Features**\n\n- **Deep Reasoning:** Unlike linters or traditional static analysis tools, Metis does not rely on hardcoded rules. It uses LLMs capable of semantic understanding and reasoning.\n- **Context-Aware Reviews:** Retrieval-augmented generation (RAG) gives the model access to broader code context and related logic, resulting in more accurate and actionable suggestions.\n- **Plugin-Friendly and Extensible:** Designed with extensibility in mind: adding languages, models, and new prompts is straightforward.\n- **Issue Validation:** Validates findings from its own analysis and from third-party SAST tools, gathering evidence to reduce false positives.\n- **Provider Flexibility:** Supports major LLM services and local models (vLLM, Ollama, LiteLLM, etc.). See the [vLLM guide](/arm/metis/blob/main/docs/providers/vllm.md) and the [Ollama guide](/arm/metis/blob/main/docs/providers/ollama.md) for local setup examples.\n\n**Supported Languages**\n\nMetis includes support for the following languages:\n\n| Language | Triage Analysis | Notes |\n|---|---|---|\n| C | Tree-sitter + Flow Analysis + tools | Built-in plugin |\n| C++ | Tree-sitter + Flow Analysis + tools | Built-in plugin |\n| Python | Tree-sitter + Structural Analysis + tools | Built-in plugin |\n| Rust | Tree-sitter + Structural Analysis + tools | Built-in plugin |\n| TypeScript | Tree-sitter + Structural Analysis + tools | Built-in plugin |\n| Terraform | Tools | Built-in plugin |\n| Go | Tree-sitter + Structural Analysis + tools | Built-in plugin |\n| Solidity | Tree-sitter + Structural Analysis + tools | Built-in plugin |\n| TableGen | Tools | Built-in plugin |\n| Verilog | Tree-sitter + Structural Analysis + tools | Built-in plugin |\n\nFor triage analysis details (`Flow Analysis` vs `Structural Analysis`), see [docs/triage-flow.md](/arm/metis/blob/main/docs/triage-flow.md).\n\nMetis uses a plugin-based language system, making it easy to extend support to additional languages.\n\n**Vector Store Backends**\n\nMetis supports multiple vector store backends, including PostgreSQL with pgvector and ChromaDB. By default, Metis uses **ChromaDB** for local, no-setup usage. You can also use **PostgreSQL (with pgvector)** for scalable indexing and multi-project support.\n\n**Installation**\n\nClone the repository:\n\n```\ngit clone https://github.com/arm/metis.git\ncd metis\n```\n\nYou can then either create a virtual environment or install dependencies system-wide. To use a virtual environment (recommended):\n\n```\nuv venv\nuv pip install .\n```\n\nor install system-wide using `--system`:\n\n```\nuv pip install . --system\n```\n\nTo install with **PostgreSQL (pgvector)** backend support:\n\n```\nuv pip install '.[postgres]'\n```\n\nTo build a Docker image instead:\n\n```\ndocker build -t metis .\n```\n\n**OpenAI**\n\nExport your OpenAI API key before using Metis:\n\n```\nexport OPENAI_API_KEY=\"your-key-here\"\n```\n\nWith a hosted provider such as OpenAI, the code under review and the context retrieved for it are sent to that provider. For code that must not leave your environment, use one of the local providers (vLLM, Ollama) linked above.\n\n**Quick Start**\n\nRun Metis, providing the path to the source you want to analyse:\n\n```\nuv run metis --codebase-path <path_to_src>\n```\n\nThen, at the Metis prompt, index your codebase:\n\n```\nindex\n```\n\nFinally, run the security analysis across the entire codebase:\n\n```\nreview_code\n```\n\nIf the index is unavailable and you still want to run an analysis, use:\n\n```\nreview_code --ignore-index\n```\n\nThis is supported only for `review_code`, `review_file`, `review_patch`, and `triage`. In that mode Metis skips retrieval and warns that relevant-context lookup was disabled, so expect findings without the cross-file context that retrieval normally supplies.\n\n**Running with Docker**\n\nGo to your codebase path and run:\n\n```\ndocker run --rm -it -v `pwd`:/metis metis\n```\n\nTo pass environment variables, use `-e`:\n\n```\ndocker run --rm -it -v `pwd`:/metis -e \"OPENAI_API_KEY=${OPENAI_API_KEY}\" metis\n```\n\nYou can also pass arguments to Metis:\n\n```\ndocker run --rm -it -v `pwd`:/metis metis --non-interactive --command 'review_code' --output-file results/review_code_results.json\n```\n\n**Metis Configuration (metis.yaml)**\n\nMetis configuration can be overridden using a YAML configuration file (`metis.yaml`) in the working directory when running Metis. The default configuration is in `src/metis/metis.yaml`. This file defines all runtime parameters, including:\n\n- **LLM provider:** OpenAI model names, embedding models, token limits\n- **Engine behavior:** max workers, max token length, similarity top-k\n- **Database connection:** for PostgreSQL: host, port, credentials, and schema name\n- **Vector indexing:** HNSW parameters for `pgvector`\n\nThis file is **required** to run Metis and should be customized per deployment. Because it can carry database credentials, keep the deployment copy out of version control.\n\n**Prompt Configuration (plugins.yaml)**\n\nMetis uses a `plugins.yaml` file to define language-specific behavior, including LLM prompt templates and document splitting logic. Each language plugin (e.g., C) references this file to load its prompts and chunking settings.\n\nYou can customize a number of prompts, including:\n\n- `security_review`: Guides the LLM to perform a security audit of code or diffs.\n- `validation_review`: Asks the LLM to assess the correctness or quality of a generated review.\n- `security_review_checks`: A list of all the security issues the LLM will try to search for.\n\nThese prompts provide natural language context for the LLM and can be tailored to your use case (e.g., stricter audits, privacy reviews, compliance).\n\nYou can also configure the chunking parameters for source code and documentation:\n\n- `chunk_lines`: Number of lines per chunk\n- `chunk_lines_overlap`: Overlap between chunks\n- `max_chars`: Max characters per chunk\n\n**Language Plugins**\n\nMetis discovers language plugins using Setuptools entry points. Packages can expose plugins by declaring the group `metis.plugins` in their packaging metadata. Each entry should resolve to a class implementing `metis.plugins.base.BaseLanguagePlugin` and optionally accept `plugin_config` in the constructor.\n\nExample `pyproject.toml` for a third-party plugin:\n\n```\n[project.entry-points.\"metis.plugins\"]\nmy_lang = \"my_pkg.my_module:MyLanguagePlugin\"\n```\n\nEntry-point discovery imports code from every installed package that declares this group, so only install plugin packages you trust.\n\n**Interactive CLI**\n\nMetis provides an interactive CLI with several built-in commands. 
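Before the command reference, a worked illustration of the three chunking parameters from the prompt configuration section. The block below is an added example and not code from the Metis project; Metis's own splitter is not shown on this page, so its semantics are assumed here: `chunk_lines` lines per window, the next window starting `chunk_lines_overlap` lines before the previous one ended, and `max_chars` as a hard cap on any chunk. The `Chunk` type, the helper names and the twelve-function C sample are all constructed for the demonstration.

```python
# Added example, not Metis code: a sliding line-window splitter driven by
# the three plugins.yaml knobs this page documents. Metis's real splitter is
# not shown here, so the exact semantics below are an assumption.
from dataclasses import dataclass

NEWLINE = chr(10)  # separator used when a window of lines is re-joined


@dataclass(frozen=True)
class Chunk:
    start_line: int  # 1-based, inclusive
    end_line: int    # 1-based, inclusive
    text: str


def is_valid_config(chunk_lines: int, chunk_lines_overlap: int, max_chars: int) -> bool:
    """Reject settings that would stall the splitter or emit empty chunks.
    An overlap >= chunk_lines would restart every window at the same line."""
    return chunk_lines > 0 and max_chars > 0 and 0 <= chunk_lines_overlap < chunk_lines


def _size(lines: list[str]) -> int:
    """Character count of lines once joined with NEWLINE."""
    return sum(len(line) for line in lines) + max(len(lines) - 1, 0)


def chunk_source(source: str, chunk_lines: int = 40,
                 chunk_lines_overlap: int = 15, max_chars: int = 1500) -> list[Chunk]:
    """Split source into overlapping windows of at most chunk_lines lines,
    each at most max_chars characters; consecutive windows share
    chunk_lines_overlap lines so code straddling a boundary is seen whole."""
    if not is_valid_config(chunk_lines, chunk_lines_overlap, max_chars):
        raise ValueError('invalid chunking configuration')
    lines = source.splitlines()
    chunks: list[Chunk] = []
    start = 0
    while start < len(lines):
        end = min(start + chunk_lines, len(lines))
        # Shrink the window until it fits max_chars, keeping at least one line.
        while end - start > 1 and _size(lines[start:end]) > max_chars:
            end -= 1
        window = lines[start:end]
        if len(window) == 1 and len(window[0]) > max_chars:
            # A single line longer than max_chars (minified code, embedded blobs):
            # split it by characters rather than dropping it or exceeding the cap.
            line = window[0]
            for off in range(0, len(line), max_chars):
                chunks.append(Chunk(start + 1, start + 1, line[off:off + max_chars]))
        else:
            chunks.append(Chunk(start + 1, end, NEWLINE.join(window)))
        if end >= len(lines):
            break
        # Advance by (window length - overlap), but always by at least one line.
        start = max(end - chunk_lines_overlap, start + 1)
    return chunks


def seen_whole(chunks: list[Chunk], first: int, last: int) -> bool:
    """True if some chunk contains lines first..last entirely, i.e. the model
    gets to see that span (one function, say) in a single piece."""
    return any(c.start_line <= first and c.end_line >= last for c in chunks)


def demo_source() -> str:
    """Constructed sample, not from any real project: twelve five-line C
    functions, so function k occupies lines 5k+1 .. 5k+5."""
    out: list[str] = []
    for k in range(12):
        out += [f'int f{k}(int x) {{',
                f'    int y = x + {k};',
                '    if (y < 0) return -1;',
                '    return y;',
                '}']
    return NEWLINE.join(out)


if __name__ == '__main__':
    src = demo_source()
    for overlap in (0, 4):
        cs = chunk_source(src, chunk_lines=8, chunk_lines_overlap=overlap, max_chars=10000)
        whole = sum(seen_whole(cs, 5 * k + 1, 5 * k + 5) for k in range(12))
        print(f'overlap={overlap}: {len(cs)} chunks, {whole}/12 functions seen whole')
```

The overlap is what keeps a function that straddles a window boundary visible in one piece: for a span of L lines, some window contains it whole whenever `chunk_lines` is at least L and `chunk_lines_overlap` is at least L - 1 (running the block compares 8/0 against 8/4 on five-line functions). The `max_chars` cap shrinks windows when lines are long, which weakens that guarantee, so size it against your codebase's typical line length; an overlap equal to or larger than `chunk_lines` is rejected outright because it would never advance.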
After launching, you can run the commands listed below. The following flags are given on the command line when starting Metis:\n\n- `--custom-prompt PATH`: optional `.md` or `.txt` file that contains additional guidance. When provided, Metis loads it once and weaves the text into every security-review prompt. If the flag is omitted, Metis looks for `.metis.md` in your project root and uses it when present. Use this to inject organization-specific policy or security requirements without editing `plugins.yaml`. Because `.metis.md` is read from the project being reviewed, a change to that file can steer the review; give changes to it the same scrutiny as changes to CI configuration.\n- `--backend chroma|postgres`: choose the vector-store backend (default `chroma`).\n- `--project-schema` / `--chroma-dir`: backend-specific knobs.\n- `--triage`: after `review_code`, `review_file`, or `review_patch`, triage findings and annotate SARIF output.\n- `--include-triaged`: include findings already triaged by Metis when running triage.\n- `--ignore-index`: allow `review_code`, `review_file`, `review_patch`, and `triage` to run without index-backed context. Metis warns and skips retrieval in this mode. It does not apply to `ask` or `update`.\n- `--verbose`, `--quiet`, `--output-file`, `--output-files`: control logging and export formats.\n\n**Commands**\n\n`index`: Indexes your codebase into a vector database. Must be run before any analysis.\n\n`review_code`: Performs a full security review of the indexed codebase. Use `--ignore-index` to run without retrieval when no index is available.\n\n`review_file`: Performs a targeted security review of a single file. Use `--ignore-index` to run without retrieval when no index is available.\n\n`review_patch`: Reviews a diff/patch file and highlights potential security issues introduced by the change. Use `--ignore-index` to run without retrieval when no index is available.\n\n`update`: Incrementally updates the index using a diff. Avoids full reindexing.\n\n`ask`: Ask Metis anything about the indexed codebase. Useful for exploring architecture, identifying design patterns, or clarifying logic.\n\n`triage`: Triages findings in a SARIF file and annotates each result with Metis triage metadata. You can use this command on SARIF generated by Metis or by other security/static-analysis tools. Use `--ignore-index` to triage without retrieval when no index is available. See [docs/triage-flow.md](/arm/metis/blob/main/docs/triage-flow.md) for a short overview of how triage works.\n\n**Non-Interactive Mode**\n\nMetis also supports a non-interactive mode, useful for automation, CI/CD pipelines, or scripted usage. To use it, pass the `--non-interactive` flag together with `--command`, and `--codebase-path` as in interactive use:\n\n```\nmetis --codebase-path <path_to_src> --non-interactive --command \"<command> [args...]\" [--output-file <file.json>]\n```\n\nExamples:\n\n```\n# full review of the indexed codebase, results as JSON\nmetis --non-interactive --command \"review_code\" --output-file results/full_review.json\n\n# review a patch, triage the findings, and write both JSON and SARIF\nmetis --non-interactive \\\n  --triage \\\n  --command \"review_patch changes.diff\" \\\n  --output-file results/review.json \\\n  --output-file results/review.sarif\n\n# triage an existing SARIF file (from Metis or another tool)\nmetis --non-interactive --command \"triage results/review.sarif\"\n\n# review without an index (retrieval is skipped)\nmetis --non-interactive \\\n  --ignore-index \\\n  --command \"review_code\" \\\n  --output-file results/full_review.json\n\n# re-triage, including findings Metis already triaged\nmetis --non-interactive \\\n  --include-triaged \\\n  --output-file results/retriaged.sarif \\\n  --command \"triage results/review.sarif\"\n```\n\n**PostgreSQL Backend**\n\nIf you prefer not to use the default ChromaDB backend, you can switch to PostgreSQL using either a local installation or the provided Docker setup. To get started quickly, run:\n\n```\ndocker compose up -d\n```\n\nThis will launch a PostgreSQL instance with the pgvector extension enabled, using the credentials specified in your `docker-compose.yml`. Change those defaults before exposing the database beyond the local host.\n\nThen, run Metis with the PostgreSQL backend:\n\n```\nmetis \\\n  --project-schema myproject_main \\\n  --codebase-path <path_to_src> \\\n  --backend postgres\n```\n\n**Example**\n\nAt the Metis prompt, review a single file:\n\n```\n> review_file src/memory/remap.c\n```\n\nVulnerable source code:\n\n```\n// Remap memory addresses from one region to another\nfor (uint32_t* ptr = start; ptr < end; ptr++) {\n    uint32_t value = *ptr;\n    if (value >= OLD_REGION_BASE && value < OLD_REGION_BASE + REGION_SIZE) {\n        value = value - OLD_REGION_BASE + NEW_REGION_BASE;\n    }\n}\n```\n\nExample output:\n\n```\nFile: src/memory/remap.c\nIdentified issue 1: Address Remapping Loop Does Not Update Memory\nSnippet:\nfor (uint32_t* ptr = start; ptr < end; ptr++) {\n    uint32_t value = *ptr;\n    if...\nWhy: In the remap_address_table function, the code is intended to adjust address references from an old memory region to a new one. However, the updated value stored in the local variable 'value' is never written back into memory at the pointer location (*ptr). This means the address entries remain unchanged, which can lead to unintended behavior if the system relies on those values being relocated correctly.\nMitigation: Update the loop so that after computing the new address, the value is written back. For example:\nfor (uint32_t* ptr = start; ptr < end; ptr++) {\n    uint32_t value = *ptr;\n    if (value >= OLD_REGION_BASE && value < OLD_REGION_BASE + REGION_SIZE) {\n        value = ((value - OLD_REGION_BASE) + NEW_REGION_BASE);\n        *ptr = value;\n    }\n}\nThis ensures that each entry is properly updated to point to the relocated memory region.\nConfidence: 1.0\n```\n\n**License**\n\nMetis is distributed under the Apache v2.0 License.", "url": "https://wpnews.pro/news/arm-open-sources-ai-powered-security-code-review", "canonical_source": "https://github.com/arm/metis", "published_at": "2026-05-29 18:28:51+00:00", "updated_at": "2026-05-29 18:46:51.608331+00:00", "lang": "en", "topics": ["artificial-intelligence", "large-language-models", "ai-tools", "ai-agents", "ai-safety"], "entities": ["Arm", "Metis", "Arm's Product Security Team", "vLLM", "Ollama", "LiteLLM"], "alternates": {"html": "https://wpnews.pro/news/arm-open-sources-ai-powered-security-code-review", "markdown": 
"https://wpnews.pro/news/arm-open-sources-ai-powered-security-code-review.md", "text": "https://wpnews.pro/news/arm-open-sources-ai-powered-security-code-review.txt", "jsonld": "https://wpnews.pro/news/arm-open-sources-ai-powered-security-code-review.jsonld"}}