{"slug": "vulnhunter-agentic-ai-security-tool", "title": "VulnHunter: Agentic AI Security Tool", "summary": "Capital One released VulnHunter, an open-source agentic AI security tool that simulates attacker behavior to find exploitable vulnerabilities in source code. The tool uses Claude Opus to perform forward analysis from entry points, falsify its own findings, and generate evidence-backed fixes, aiming to reduce false positives common in traditional SAST scanners.", "body_md": "From pattern-matching to provability.\n\nVulnHunter is an open-source, **agentic AI security tool** that applies proactive, attacker-first analysis directly to source code.\n\nUnlike traditional, passive SAST scanners that flag suspicious patterns and often cause false positives, VulnHunter reasons like an adversary. It **identifies** which defects are actually exploitable, maps prospective attack paths, and proposes targeted, evidence-backed fixes.\n\nModern software supply chains are deeply interconnected. A single vulnerability in a widely-used open-source component can ripple across thousands of enterprises simultaneously.\n\nDeveloped internally at Capital One, VulnHunter is released to the community because no single organization can solve this challenge alone.\n\nWarning\n\n**Cyber-safeguard disclaimer**\nVulnHunter performs dual-use cybersecurity work (vulnerability discovery and exploitation). If you run it against an Anthropic account that is **not** enrolled in Anthropic's [Cyber Verification Program](https://support.claude.com/en/articles/14604842-real-time-cyber-safeguards-on-claude), real-time cyber safeguards may block requests and your usage may be flagged for cyber abuse. If you intend to use VulnHunter on Anthropic's first-party platforms (Claude API / Claude Code), we strongly recommend enrolling first via the [verification portal](https://portal.anthropic.com/programs/cvp).\n\nImportant\n\n**Prerequisites & Model Requirements**\nBuilt and optimized for **Claude Opus** running in ** Claude Code**.\nThe framework depends on deep, multi-step reasoning and requires frontier Opus-class models.\n\n**You supply your own model access.**\n\n**Attacker-First Forward Analysis:** Conventional tools often leverage \"sink-first\" analysis, looking at potentially dangerous code patterns to search backward for a hypothetical attacker, flooding teams with false positives. VulnHunter flips this model to simulate a bad actor's exact journey. It begins at potential attacker-accessible entry points (APIs, network messages, file uploads) and reasons*forward*to evaluate whether an attacker can truly break through.**Falsification Engine:** After finding a potential vulnerability, VulnHunter runs a structured reasoning workflow specifically designed to*disprove*its own argument. It searches for flawed assumptions, logic gaps, or security controls that would block the attack. It is designed to immediately discard findings that rely on unsupported assumptions. What reaches you is a high-priority, actionable defect.**Evidence-Backed Remediation:** When a defect survives the falsification engine, VulnHunter maps the exact exploit path, explains the structural flaw, details the specific capabilities or access an attacker would gain, and generates focused, targeted code changes for review.\n\nVulnHunter ships as three composable [Claude Code](https://docs.claude.com/en/docs/claude-code) skills that form a complete, automated remediation loop:\n\n| Skill | Phase | Core Responsibility |\n|---|---|---|\n`/vulnhunt` |\nHunt |\nMaps entry points to dangerous sinks. Filters findings through a multi-stage falsification pipeline (Recon → Parallel Hunt → Adversarial Disprove → Capability Filter). Emits only verified issues with an executable exploit and a proposed fix. |\n`/vulnhunter-fix` |\nFix |\nDeveloper-led, test-driven remediation. It writes an exploit demo, creates a failing security test (RED), implements the code fix (GREEN), verifies the exploit is blocked without regressions, and cuts a reviewable PR. |\n`/vulnhunt-fix-verify` |\nVerify |\nA completely separate, read-only agent that independently validates whether a finding was successfully remediated. It emits a per-finding verdict so fixes are proven, not taken on faith. |\n\nNote:For running this loop unattended at scale,`vulnhunter-agent/`\n\nwraps the scanner in a headless runtime, while`harness/`\n\ndrives it across multiple repositories in batch.\n\nOn the naming:the suite isVulnHunter, but the core scanner command is`/vulnhunt`\n\n(and the verifier`/vulnhunt-fix-verify`\n\n) — the shorter form is intentional, not a typo. The`/vulnhunter-fix`\n\nremediation skill and the`vulnhunter-agent/`\n\nruntime keep the full spelling.\n\nEach component is organized into a self-contained subtree:\n\n| Path | Description |\n|---|---|\n`vulnhunt/` |\nThe core `/vulnhunt` scanner skill (Prompt-only: `SKILL.md` + phases). See\n`vulnhunt/README.md` |\n`vulnhunter-fix/` |\nThe `/vulnhunter-fix` skill, its companion Python helper package, and tests. See\n`vulnhunter-fix/README.md` |\n`vulnhunt-fix-verify/` |\nThe `/vulnhunt-fix-verify` standalone verification skill (Prompt-only). See\n`vulnhunt-fix-verify/README.md` |\n`vulnhunter-agent/` |\nConfig-driven headless runtime wrapper that runs scans and files GitHub issues. See\n`vulnhunter-agent/README.md` |\n\n`harness/`\n\n[.](/capitalone/VulnHunter/blob/main/harness/README.md)`harness/README.md`\n\n[Claude Code CLI](https://docs.claude.com/en/docs/claude-code), authenticated with access to**Claude Opus**.- Python 3.12+ (Required only for the runtime agent and the benchmarking harness).\n*Responsibility Check:*Ensure you are only scanning code bases you are explicitly authorized to analyze.\n\n```\n# Clone the repository\ngit clone https://github.com/capitalone/vulnhunter.git\ncd vulnhunter\n\n# Copy skills into ~/.claude/skills/\n./install.sh      \n\n# (Optional) To clean up or remove installed skills\n# ./uninstall.sh\n```\n\nNote\n\n`install.sh`\n\ncopies files directly (rather than symlinking) because symlinks can break `find`\n\n/`glob`\n\nfunctionality inside subagents. Re-run `./install.sh`\n\nafter pulling updates to refresh your local environment.\n\n```\nclaude --model opus --add-dir ~/.claude/skills/vulnhunt --add-dir ~/.claude/skills/vulnhunt/phases\n\n# Inside the Claude Code session, invoke:\n/vulnhunt\n```\n\nThe fixer requires `git`\n\n, the GitHub CLI (`gh`\n\n) authenticated to your target repositories, and its Python helpers installed (`pip install -e \".[dev]\"`\n\ninside the `vulnhunter-fix/`\n\ndirectory).\n\n```\nclaude --model opus --add-dir ~/.claude/skills/vulnhunter-fix\n\n# Inside the Claude Code session, invoke:\n/vulnhunter-fix\n```\n\n*See *\n\n`vulnhunter-fix/README.md`\n\nfor advanced operational modes and configuration settings.The verifier runs strictly read-only over trusted roots under a tight tool envelope (Read/Write/Edit/Glob/Grep/Agent—**no Bash execution, no network access**). The caller must pre-create the output (`out`\n\n) directory.\n\n```\nclaude --model opus --add-dir ~/.claude/skills/vulnhunt-fix-verify \\\n       --add-dir ~/.claude/skills/vulnhunt-fix-verify/phases\n\n# Inside the Claude Code session, invoke:\n/vulnhunt-fix-verify repo=<abs_path> report=<abs_path> fixed=VULN-001,... out=<abs_path> [comments=<abs_path>] [additional_repos=<path1>,<path2>]\n```\n\nFor non-interactive or CI/CD pipelines, `vulnhunter-agent/`\n\nwraps the scanner into a headless workflow. It clones targets, executes `/vulnhunt`\n\n, publishes results, and opens GitHub issues for confirmed bugs. It connects natively via the direct Anthropic API.\n\nReview the [ vulnhunter-agent/README.md](/capitalone/VulnHunter/blob/main/vulnhunter-agent/README.md) for deployment blueprints.\n\nThe `harness/`\n\ndirectory provides workstation-scale developer tooling. To initialize, run `cd harness && pip install -e \".[dev]\"`\n\n.\n\nManage your target list in `harness/local_harness/batch/REPO_LIST.txt`\n\n(one GitHub URL per line, lines starting with `#`\n\nare ignored):\n\n```\ncd harness\npython -m local_harness.batch.run scan                  # Clone and scan every repo in the list\npython -m local_harness.batch.run scan --resume         # Skip repositories already processed\npython -m local_harness.batch.run status                # Monitor progress across your batch\npython -m local_harness.batch.run collect               # Gather all findings for centralized review\n```\n\nEvaluate scanner accuracy against a known-vulnerable vulnerability corpus (Clone → Scan → LLM-Judge → Tally Metrics):\n\n```\npython -m local_harness.benchmark.run                  # Execute full benchmark run\npython -m local_harness.benchmark.run --repos \"name\"   # Benchmark a single target repository\npython -m local_harness.benchmark.run --tally-only      # Re-generate the analytical report only\n```\n\nBring Your Own Corpus:This repository ships with a minimal synthetic example (`harness/local_harness/benchmark/ground_truth/EXAMPLE.json`\n\n) mapped to public targets like OWASP NodeGoat, Juice Shop, and WebGoat. Build out your own testing suites inside`ground_truth/<repo>.json`\n\n. Define your target scanning/judging engines in`harness/local_harness/config.py`\n\n.\n\nEach Python component maintains its own isolated testing suite. Run them using `pytest`\n\n:\n\n```\ncd harness          && pip install -e \".[dev]\" && python -m pytest tests/ --cov=local_harness\ncd vulnhunter-fix   && pip install -e \".[dev]\" && python -m pytest -q\ncd vulnhunter-agent && pip install -e \".[dev]\" && python -m pytest -q\n```\n\n**A Note on Models:** VulnHunter was precision-tuned for**Claude Opus** and**Claude Code**. Its low false-positive discipline relies heavily on frontier-class reasoning, though the underlying orchestration patterns can be adapted to other advanced foundation models.**Contributing:** See[CONTRIBUTING.md](/capitalone/VulnHunter/blob/main/CONTRIBUTING.md)to propose core framework improvements, prompt updates, or wider model support configurations.**Security:** Review[SECURITY.md](/capitalone/VulnHunter/blob/main/SECURITY.md)for instructions on how to safely report security vulnerabilities found within VulnHunter itself.**License:** Distributed under the terms of the Apache License, Version 2.0. See[LICENSE](/capitalone/VulnHunter/blob/main/LICENSE)for details.", "url": "https://wpnews.pro/news/vulnhunter-agentic-ai-security-tool", "canonical_source": "https://github.com/capitalone/VulnHunter", "published_at": "2026-07-17 01:57:19+00:00", "updated_at": "2026-07-17 02:21:16.991422+00:00", "lang": "en", "topics": ["ai-tools", "ai-agents", "ai-safety", "ai-ethics"], "entities": ["Capital One", "VulnHunter", "Claude Opus", "Claude Code", "Anthropic"], "alternates": {"html": "https://wpnews.pro/news/vulnhunter-agentic-ai-security-tool", "markdown": "https://wpnews.pro/news/vulnhunter-agentic-ai-security-tool.md", "text": "https://wpnews.pro/news/vulnhunter-agentic-ai-security-tool.txt", "jsonld": "https://wpnews.pro/news/vulnhunter-agentic-ai-security-tool.jsonld"}}