-
-
Notifications
You must be signed in to change notification settings - Fork 2
Home
Argus Panoptes, the all-seeing watchman — a hundred eyes on your code.
Argo finds security vulnerabilities in source code by driving an LLM as the analyst — it reads the code the way a human auditor would, rather than matching rules against a graph. Point it at any codebase — a local folder, a private repo, or a public one — and it produces a reviewable vulnerability report.
The core idea: start from reusable general prompts and automatically enrich them with target-specific context (stack, endpoints, docs, advisory history), so every audit runs with tailored prompts instead of generic ones. It runs on whatever you have: Claude Code, the Codex CLI (OpenAI), or a local open-source model.
Argo is an LLM-native SAST — a complement and alternative to rule-based static analyzers (CodeQL, Semgrep): nothing to write (no queries, no rule packs), and it catches logic/authorization bugs that fixed patterns miss, at the cost of being probabilistic rather than exhaustive (see Design Decisions). It is static by design — it never executes the target (a hard guardrail), so it is not a DAST, fuzzer, or symbolic executor.
Bug-bounty triage is one specialized mode (scope/RoE ingest, submission drafts, cross-run resubmission tracking), not the whole tool — see Two Modes.
New to Argo? Read in this order:
- Getting Started — install, first run, the zero-cost modes.
- Two Modes — general code audit vs. bug-bounty triage.
- Architecture — the module map and the 5+ pipeline stages.
- Guardrails & Safety — the non-negotiable rules, and exactly where they're enforced in code.
| Feature | What it buys you |
|---|---|
| Threat-Informed Audit | Opt-out web OSINT (CVEs, advisories, project history) feeds the audit before it starts. |
| Archetype-Driven Prompts | Classifies the software first, then writes custom, ground-truth-baked audit prompts for it. |
| Adversarial Validation | A second model tries to refute every finding before it survives. |
| Docs & History Corroboration | Cross-checks survivors against the project's own docs and VCS history. |
| Design-Aware Impact Discipline | Injects the vendor's accepted-by-design behaviors; blocks reflexive over-claiming. |
| Multi-Backend | Same pipeline on Claude Code, the Codex CLI, or a local/OSS model — plus multi-account fallback. |
| Remediation & Fixes | Opt-in: proposes a patch per finding and verifies it compiles on an isolated copy. |
| Interrogation Chat | Ask "why didn't you find X?" — with a real re-validation path, not just a chatty answer. |
| Runtime Verification | Opt-in: boots the OSS target in a sealed sandbox and confirms findings with a real HTTP PoC. |
| Live Verification | Opt-in, authorized-only: bounded, in-scope, read-only requests against the program's real hosts. |
| Benchmarks & Costs | Precision/recall/F1 against labeled suites, paired with real triager accept-rate and observed cost. |
| Web UI | Paste a program, point at a repo, watch the run live, read the results — no CLI needed. |
- Guardrails & Safety — the constraints enforced in code, with a capability map.
- CLI Reference — every command and flag.
- Vulnerability Class Index — the archetype-keyed vuln-class reference injected into recon.
- Glossary & FAQ — terms and common questions.
- Design Decisions — why Argo is LLM-direct with no CPG/taint engine.
- Roadmap — what's shipped and what's deferred.
Argo is for authorized security review only — your own code, bug-bounty programs with safe harbor, CTFs, or research. Three constraints are enforced in the orchestrator, not left to the prompts: it never auto-submits, it never contacts a live host by default, and the repo is always mounted read-only. Full detail: Guardrails & Safety.
Apache License 2.0. Argo is detection-only; you are responsible for staying within the scope and rules of engagement of any program you point it at.