Scan a codebase automatically to find dangerous input-to-output code paths.
Review a full audit trail and vulnerability map through a web console.
Query audit results and findings through a REST API.
Try the demo mode with mock data before setting up infrastructure.
| pulseio76/argusmind | chandar-lab/semantic-wm | djlougen/hive | |
|---|---|---|---|
| Stars | 30 | 30 | 30 |
| Language | Python | Python | Python |
| Setup difficulty | hard | hard | easy |
| Complexity | 4/5 | 5/5 | 3/5 |
| Audience | developer | researcher | developer |
Figures from each repo's GitHub metadata at analysis time.
Requires Neo4j, PostgreSQL, and Python 3.10 or newer to run.
ArgusMind is an AI-powered code security auditing system that sends a team of AI agents through a codebase to find vulnerabilities automatically. Rather than having a human read source code line by line, ArgusMind breaks the audit into a structured pipeline: one agent collects basic project information, another builds an audit plan organized by programming language and risk type, a third finds dangerous code patterns called sinks (places where user input might reach unsafe operations), and a fourth traces the full call chains leading to those sinks. Results can be reviewed through a web interface or queried through a REST API. The system stores two kinds of data in two separate databases. A graph database called Neo4j holds the relationships between audit stages, programming languages, risk categories, sink points, and call chains, making it possible to navigate the audit results as a connected map. A relational database called PostgreSQL holds the operational data: user accounts, task records, configuration, logs, and the final vulnerability findings. The audit runs in the background after you trigger it, and an internal event system keeps both databases updated in real time so you can watch progress through the web console. The AI agents are driven by a large language model connected through a library called LiteLLM, which means you can point the system at different model providers without rewriting the agent logic. Supporting tools include a fast code-search utility called ripgrep and an agent called OpenCode that can read and reason about source files. Tasks can be paused and resumed, and the system tracks how many tokens each step consumed. The web console ships with a demo mode that shows a full walkthrough using mock data, requiring no backend connection, which is useful for evaluating the interface before setting up the infrastructure. The project is written in Python and requires Neo4j, PostgreSQL, and Python 3.10 or newer.
A multi-agent AI system that automatically audits codebases for security vulnerabilities and tracks findings in a web console.
Mainly Python. The stack also includes Python, Neo4j, PostgreSQL.
Setup difficulty is rated hard, with roughly 1h+ to a first successful run.
Mainly developer.
This repo across BitVibe Labs
Verify against the repo before relying on details.