From-scratch reimplementation of Mythos Glasswing pipeline (github.com)

A new project has emerged, offering a from-scratch reimplementation of the Mythos Glasswing pipeline, an innovative 8-stage vulnerability discovery agent designed to enhance real-world software testing. Utilizing the Claude Pro / Max subscription via the Claude Code Agent SDK, this agent employs a novel approach to vulnerability detection, emphasizing the use of multiple narrow agents working collaboratively, rather than relying on a single comprehensive model. Key practices include the use of deliberate disagreement—where one agent may challenge another's findings—and the implementation of a reachability gate to ensure that detected vulnerabilities can actually be exploited. This development is significant for the AI/ML community as it represents a shift towards more practical, effective techniques in vulnerability discovery, aligning with industry needs for rigorous software security measures. The pipeline consists of stages that include reconnaissance, targeted hunting, validation, gap-filling, deduplication, and reporting, each using different models to enhance reliability and accuracy. Open-sourced under the MIT license, the project enables developers to integrate sophisticated vulnerability detection into their workflows without the necessity of an API key, thereby democratizing access to advanced security tools.