UserB1ank/code-audit-system
7 stars · Last commit 2026-06-08
A CVE-oriented multi-agent code audit system implemented as a Claude Code skill. It orchestrates parallel subagents to discover exploitable vulnerabilities in git repositories, write weaponized POCs, verify them against live deployments, and generate CVE-ready reports.
README preview
# Code Audit System — Multi-Agent CVE Discovery Engine
A **CVE-oriented multi-agent code audit system** implemented as a Claude Code skill. It orchestrates parallel subagents to discover exploitable vulnerabilities in git repositories, write weaponized POCs, verify them against live deployments, and generate CVE-ready reports.
> **Core philosophy**: Only report actually exploitable vulnerabilities. The goal is CVE submission, not making code safer.
## Architecture
```
┌──────────────────────────────────────────────────────────┐
│ MainAgent (Orchestrator) │
│ · Fast pre-scan → immediate subagent dispatch │
│ · Deep reconnaissance (parallel with subagents) │
│ · Incremental intelligence injection into subagents │
│ · Workspace & state management │
│ · Final report aggregation │
└──────────────────────────────────────────────────────────┘
│ │ │
▼ ▼ ▼
┌──────────────┐ ┌──────────────┐ ┌──────────────┐