Skip to content

Feature Second Opinion

Luigi Colluto edited this page Jul 18, 2026 · 1 revision

Feature: Second Opinion

What it is. N additional, fully independent blind recon+audit passes over the same already-ingested scope/repo, run after SCA-adjacent dependency scanning and before Adversarial Validation. Each pass gets its own isolated run directory and its own recon synthesis — it never sees the primary pass's findings — so a bug the primary audit missed still has a real, independent chance to surface, and a bug both passes converge on independently becomes a genuine corroboration signal rather than a restated opinion.

This formalizes a manual technique already used on real disclosures (fastjson2, open62541, moquette): a single LLM audit is one noisy sample of what a careful reader would find, not the answer. A second independent read — optionally on a different backend — recovers misses and validates hits the way a second human reviewer would.

Why not just re-run the primary audit

Re-running the same audit prompt against the same recon output would mostly reproduce the same findings for the same reason it found them the first time — the sampling isn't independent of whatever the first pass's recon synthesis already fixated on. A genuine second opinion needs its own recon pass (its own read of the ground truth, its own invariant/carve-out extraction) so its audit is shaped by an independently-derived understanding of the code, not a copy of the first pass's.

How it merges back

Each pass's raw findings are tagged with source_pass ("second-opinion-1", "second-opinion-2", …) and dropped into the primary's own findings_dir before validate runs. No new matching logic was needed: validate's existing structural dedup (dedup_key = sha1(normalize(file + line + cwe))) and semantic dedup (the batched near-duplicate LLM pass that already collapses cross-focus duplicates within one audit) collapse cross-pass duplicates the exact same way. The only addition is bookkeeping — a survivor that collapsed from more than one pass gets corroborating_passes set to the sorted list of every pass that (independently) found it, surfaced in the report as "independently confirmed by N blind audit passes."

A finding found by only one pass is never penalized or dropped for lacking corroboration — it's kept exactly as validate would keep any other survivor. Corroboration is a positive signal added on top, not a filter.

How it's gated

  • Opt-in, off by default (second_opinion_passes = 0) — --second-opinion N on pipeline, or argo second-opinion --run RUN_ID --passes N standalone against a run that already has findings.
  • --second-opinion-backend BACKEND runs the extra passes on a different backend than the primary (e.g. Claude for a Codex primary run) for genuine cross-engine diversity instead of re-sampling the same model twice. Omit it to reuse the primary's own backend.
  • Uses the same model tiers as recon/audit (model_for("recon") / model_for("audit")) — no dedicated stage model to tune.
  • A failed pass is skipped, never fatal — if a sub-pass's recon or audit session dies, that pass contributes zero findings and the primary's own results are completely unaffected. Same downgrade-don't-delete instinct as the rest of the pipeline, applied to the passes themselves rather than to individual findings.
  • Each pass shares the primary's already-parsed scope.json and already-acquired repo (no re-ingest, no re-clone) — only recon and audit re-run, so the added cost is close to one extra audit's worth per pass, not a second full pipeline run.

Related

  • Adversarial Validation — the stage right after second-opinion; its existing structural + semantic dedup is the only matching machinery this feature relies on.
  • Feature Deep Verify — a different way of getting a second, skeptical read, but on the validated survivor set from a single audit rather than an independent blind pass over the raw scope; the two are complementary, not redundant — second-opinion widens recall before validation, deep-verify tightens precision after it.
  • Multi-Backend — what makes --second-opinion-backend a genuine cross-engine second opinion rather than resampling the same model.

Clone this wiki locally