Skip to content
RORO edited this page Jul 2, 2026 · 2 revisions

poki

A vulnerability harness for Claude Code. It is a set of security skills plus a Dockerized static-analysis backend that turn the agent into a security auditor.

Pages

What is in it

  • security-audit skill runs a fleet of parallel sub-agents through a six-phase pipeline to find exploitable vulnerabilities with real impact. It is a from-scratch rebuild of Cloudflare's Build your own vulnerability harness and security-audit-skill.
  • joern skill drives Joern for structural and data-flow queries (CPGQL): taint tracking and source-to-sink reachability.
  • joern-gateway is a standalone Joern server plus a Python WebSocket gateway in Docker, driven by the joernctl CLI.

Security-audit workflow

security-audit pipeline

Joern gateway architecture

Joern gateway architecture

Quick start

cd joern-gateway
docker compose up -d --build
./joernctl health
./joernctl import /work/target
./joernctl query 'cpg.call.name("system").reachableByFlows(cpg.parameter).p'

Links

Clone this wiki locally