๐Ÿ›ก๏ธ Adversarial SAST โ€” the false positive dies on screen

Paste code; stage 1 detects candidate vulnerabilities, stage 2 adversarially refutes each. The Verify ON/OFF toggle is the demo: off, the raw detector is noisy; on, the false positives die and only real findings (with a PoC) survive. The default example hides a fake SQL injection (a SELECT built from an int) next to a real command injection โ€” only the real one survives.

Language
Examples

Snippet: Qwen2.5-Coder-7B on ZeroGPU ยท whole-repo: detect Qwen3-Coder-480B + refute Qwen2.5-Coder-32B, both via HF Inference ยท static analysis, no code execution, no secrets ยท built by Ferr0 ยท pixelium.win ยท GitHub