// the find
lintsinghua/DeepAudit
DeepAudit:人人拥有的 AI 黑客战队,让漏洞挖掘触手可及。国内首个开源的代码漏洞挖掘多智能体系统。小白一键部署运行,自主协作审计 + 自动化沙箱 PoC 验证。支持 Ollama 私有部署 ,一键生成报告。支持中转站。让安全不再昂贵,让审计不再复杂。
DeepAudit is a multi-agent code security auditing platform that runs Orchestrator/Recon/Analysis/Verification agents against your codebase, then spins up Docker sandboxes to actually execute PoC scripts against found vulnerabilities. It's aimed at security researchers and teams who want LLM-assisted SAST with automated exploit verification rather than just static pattern matching. The project is Chinese-primary but has English docs and is production-deployable via a single Docker Compose command.
The sandbox PoC verification loop is the real differentiator — generating a PoC and running it in an isolated container to confirm exploitability cuts false positives in a way pure static tools can't. The CVE track record is credible: 49 CVEs across 17 projects is not marketing fluff, it's evidence the tool produces actionable findings. LiteLLM integration means you can swap in Ollama/local models so sensitive code stays off third-party APIs, which is a legitimate enterprise concern. The agent architecture is well-decomposed — separate Recon, Analysis, and Verification roles with their own state and retry logic rather than one big God-agent.
The repo is almost entirely Chinese documentation; the English README is a translation afterthought and the agent prompt files and knowledge base are Chinese-only, which will hurt anyone trying to customize or debug the prompts. The sandbox PoC step requires Docker and the audit target to be reachable from inside the container — this silently fails or produces incomplete results for anything that talks to external services, databases with real schemas, or mTLS endpoints. Migration history is non-linear with merge commits in alembic/versions, suggesting schema was developed ad-hoc and upgrading an existing install could be risky. There's no rate limiting or cost ceiling on LLM calls — a large codebase with many files could burn through significant API budget with no guard.