github.com

visa/visa-vulnerability-agentic-harness

visa/visa-vulnerability-agentic-harness is an AI AppSec harness in RepoRadar's Security Tools section, holding Gold tier and a 'worth watch' verdict. Its strongest signal is workflow potential, scored 8.6 out of 10.

Score: 8.2
Popularity: 6.0
Risk: high
Tier: Gold

Score breakdown

Usefulness: 8.0
Novelty: 8.0
Momentum: 7.0
Maturity: 6.2
Open-source/build: 8.4
Evidence: 8.0
Workflow potential: 8.6
Setup ease: 4.2

Popularity is tracked separately. Support, ads, sponsorships, and tips never affect these signals.

Why it matters

Useful for AppSec teams that want an inspectable workflow for AI-assisted vulnerability research instead of ad-hoc prompts and screenshots.

Who should use it

Application security teams evaluating AI-assisted vulnerability discovery
Platform teams that want structured SARIF and Markdown outputs instead of raw model text
Researchers studying multi-stage agent workflows for software security
Developers who need a concrete reference implementation for AI-assisted SAST pipelines

Who should skip it

Avoid running visa/visa-vulnerability-agentic-harness in production until you have reviewed its permissions, data-access scope, and failure modes in a sandbox.

About this signal

visa/visa-vulnerability-agentic-harness is tracked by RepoRadar as an AI AppSec harness in the Security Tools section. It was first seen on 2026-06-29 and last updated on 2026-06-29. The current verdict is 'worth watch' with a Gold tier and hard setup difficulty. visa/visa-vulnerability-agentic-harness leads on workflow potential (8.6) and open-source/build quality (8.4); its lowest signal is setup ease (4.2), so factor that in before investing setup time. This page summarizes the evidence RepoRadar has captured from source metadata. The score, tier, risk label, and verdict on this page are never influenced by sponsorship, ads, or tips; they reflect only the usefulness, popularity, novelty, momentum, maturity, and evidence signals described in the RepoRadar methodology.

How this item is evaluated

RepoRadar assigned visa/visa-vulnerability-agentic-harness a composite score of 8.2 out of 10, placing it in the Gold tier. This score combines weighted sub-signals: usefulness (35%), novelty (18%), momentum (14%), maturity (10%), open-source/build quality (7%), evidence quality (6%), workflow potential (6%), and setup ease (4%). Popularity is tracked separately at 6.0 and never affects the composite score or tier. The risk label of 'high' reflects inherent user-impacting hazards, not generic novelty. Items with no risk flag may still require normal code review before production use.

Putting this into practice? Read How to vet an AI agent or MCP server before you wire it in for the checklist behind this score.

Risk explanation

It automates vulnerability discovery and adversarial verification, so run it only on code you own or have explicit permission to test. The default profile depends on a logged-in Claude Code CLI and the optional full profile uses provider credentials, so treat first evaluation as a controlled lab workflow rather than a casual install.

Tags: security, sast, agentic-workflow, sarif, python, apache-2.0