strix

Coordinates multiple specialized LLM-powered agents operating in isolated Docker containers to execute dynamic security tests. Each agent receives system prompts that define its security testing role, maintains state across execution steps, and communicates findings through a centralized vulnerability deduplication system. Agents operate in a feedback loop where LLM reasoning drives tool selection and execution, with results fed back into the agent's context for iterative testing.

Executes security testing tools (nmap, sqlmap, burp, etc.) within isolated Docker containers managed by a runtime abstraction layer. The tool execution architecture marshals LLM tool calls into container commands, captures output, and streams results back to agents. Sandbox initialization creates ephemeral containers with pre-configured security tool environments, preventing tool execution from affecting the host system or other concurrent scans.

Manages agent lifecycle through a state machine that tracks agent initialization, execution steps, tool invocation, result processing, and termination. Each agent maintains mutable state (current findings, tools attempted, reasoning history) that persists across execution steps, enabling agents to learn from previous attempts and avoid redundant tool calls. The execution loop implements step-by-step reasoning with configurable termination conditions (max steps, timeout, vulnerability threshold reached).

Abstracts differences in function calling APIs across LLM providers through a unified tool call marshaling layer. The system converts agent tool requests into provider-specific formats (OpenAI function calling, Anthropic tool use, etc.), handles response parsing, and manages tool execution errors. Supports parallel tool calls where providers enable it, and implements retry logic for transient tool execution failures.

Optimizes LLM context windows for extended penetration tests by compressing agent reasoning history, tool output, and findings into summarized representations. The system identifies and removes redundant information, summarizes verbose tool output, and maintains only the most relevant context for ongoing reasoning. Compression is applied incrementally as scans progress, preventing context window overflow while preserving critical information needed for vulnerability discovery.

Executes actual exploit code against target applications to validate vulnerabilities rather than relying on pattern matching or static signatures. Agents generate or select proof-of-concept payloads, execute them through sandboxed tools, and analyze results to confirm vulnerability existence. The system deduplicates findings across multiple agents and testing attempts, reducing false positives by requiring successful exploitation as evidence.

Defines specialized agent roles through system prompts that encode domain expertise for specific attack vectors (e.g., web application testing, API security, infrastructure scanning). Agents decompose complex penetration testing tasks into sub-tasks aligned with their specialization, selecting appropriate tools and techniques. The system routes findings between agents for cross-validation and enables agents to request assistance from specialized peers when encountering unfamiliar vulnerability types.

Abstracts LLM interactions behind a provider-agnostic client interface that supports OpenAI, Anthropic, and compatible APIs. The system handles provider-specific differences in function calling formats, token limits, and reasoning capabilities through a unified tool call formatting and parsing layer. Memory compression techniques optimize context windows for long-running scans, and the system automatically falls back to alternative providers if one becomes unavailable.

Aggregates findings from multiple agents and tool executions, deduplicating vulnerabilities based on LLM-powered semantic comparison rather than exact string matching. The system correlates related findings (e.g., multiple SQL injection points in the same parameter) and merges them into consolidated vulnerability reports. Deduplication logic handles variations in vulnerability descriptions, different exploitation paths to the same root cause, and false positive filtering.

Provides dual user interfaces for different operational contexts: an interactive Terminal User Interface (TUI) for real-time monitoring and manual intervention during scans, and a non-interactive CLI mode for CI/CD integration and headless execution. Both modes support the same underlying scan engine but differ in feedback mechanisms — TUI streams live agent reasoning and tool output, while CLI mode buffers results for final report generation. The system abstracts UI concerns from core scanning logic through a unified interface layer.

Supports multiple scan modes (quick, standard, thorough) that adjust agent reasoning depth, tool coverage, and time budgets. Each mode configures the LLM's reasoning effort (e.g., chain-of-thought depth), number of agents deployed, tool selection strategy, and timeout thresholds. The system balances thoroughness against scan duration — quick scans use fast heuristics and limited tool sets, while thorough scans enable extended reasoning and comprehensive tool coverage.

Provides native GitHub Actions integration that runs Strix scans as part of CI/CD workflows and blocks deployments if vulnerabilities exceed configured severity thresholds. The integration marshals scan results into GitHub's native security features (code scanning alerts, security advisories), enabling developers to see vulnerabilities directly in pull requests and commit views. Supports configurable failure policies (fail on critical, warn on high, etc.) and integrates with GitHub's branch protection rules.

Implements a global tracer that instruments agent execution, tool calls, and vulnerability discoveries with structured logging and metrics. The system generates comprehensive vulnerability reports in multiple formats (JSON, YAML, HTML) with detailed remediation guidance, CVSS scores, and compliance mappings. Telemetry can be exported to remote systems for centralized security monitoring, and the system tracks scan statistics (duration, tools used, agents deployed, false positive rate).