OpenAnt – AI Based vulnerability Scanner to Detect Vulnerabilities

OpenAnt is an open-source, LLM-based vulnerability discovery tool designed to help security teams and open-source maintainers proactively identify verified security flaws with minimal false positives and false negatives.

Released under the Apache 2.0 license, OpenAnt is available on GitHub and targets the growing challenge of AI-discovered vulnerabilities in open-source software.

The tool is built around a two-stage pipeline: Stage 1 detects potential vulnerabilities, and Stage 2 attacks simulating real-world exploitation. Only findings that survive both stages are surfaced as verified results, significantly increasing signal accuracy compared to traditional static analysis tools.

“Considering the explosion of AI-discovered vulnerabilities, we hope OpenAnt will be the tool helping open source maintainers stay ahead of attackers,” Knostic noted.

The tool was initially developed as a research project by Nahum Korda, with productization led by Alex Raihelgaus and Daniel Geyshis. Knostic has also acknowledged that some features remain in beta and welcomes community contributions.

How OpenAnt Works: A Two-Stage Detection Pipeline

OpenAnt operates through a structured CLI-based pipeline that users run against local or remote repositories. The workflow includes six sequential commands — parse, enhance, analyze, verify, build-output, and report — or can be executed in a single step using openant scan --verify.

The tool currently supports the following programming languages:

Under the hood, OpenAnt leverages Claude Opus 4.6 via Anthropic’s API for its analysis and verification stages, requiring users to set an Anthropic API key with access to that model. Configuration and project data are stored locally under ~/.config/openant/ and ~/.openant/ respectively, with API keys protected under 0600 file permissions.

Setup requires Go 1.25 or higher to build the CLI binary, and the tool supports both remote repository cloning and local directory referencing with commit pinning for reproducible scans.

The release comes at a time when AI-powered vulnerability research tools are rapidly proliferating, with OpenAI’s Aardvark (now Codex Security) and Claude Code Security from Anthropic operating in adjacent spaces.

Knostic has explicitly stated it has no intention of competing with those platforms, positioning OpenAnt instead as a community-focused, transparent alternative, particularly for open-source maintainers who may lack access to commercial scanning tools.

Knostic is currently in the vulnerability disclosure process for findings uncovered during OpenAnt’s development, signaling that the tool has already produced actionable results. The open-source release also invites independent researchers to validate, extend, and improve its detection capabilities.

Security teams and open-source developers can access OpenAnt on GitHub and review technical details, including token cost estimates.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.