Assay

We pointed Assay at OpenAI, Kubernetes,Shopify, and Cloudflare.

It found vulnerabilities in all of them.

Verification that doesn't trust the AI it's verifying. Neural claim extraction. Symbolic oracles. Deterministic proof.

OpenAICRITICAL
CWE-94

RCE via vm.Script sandbox escape

JavaScript
Buffer.from('').constructor.constructor('return process')()
Found and reported
KubernetesHIGH
CWE-918

SSRF chain across kubeadm discovery endpoints

Go
// RetrieveValidatedConfigInfo — httpsURL passed with no host validation
client.Get(httpsURL)  // user-controlled, full response consumed
Found and reported
KubernetesHIGH
CWE-22

Path traversal to root code execution in GCI mounter

Go
path, _ := filepath.Split(os.Args[0])  // attacker controls argv[0]
rootfsPath := filepath.Join(path, rootfs)
// then: exec.Command("chroot", rootfsPath, "/bin/mount", ...)
Found and reported
CloudflareHIGH
CWE-918 / CWE-284 / CWE-601

SSRF + CORS + Open Redirect chain

TypeScript
const remote = requestHeaders.get("X-CF-Remote");
await fetch(switchRemote(url, remote), { ... })  // no assertValidURL() call
Found and reported
CloudflareHIGH
CWE-732

OAuth tokens written world-readable

TypeScript
writeFileSync(path.join(configPath), TOML.stringify(config), {
  encoding: "utf-8",  // missing mode option — defaults to 0o644 via umask
});
Found and reported
ShopifyMEDIUM
CWE-338

Predictable CSP nonce via Math.random fallback

TypeScript
// Falls back to Math.random() when crypto.getRandomValues() throws
return new Uint8Array(16).map(() => (Math.random() * 255) | 0);
Found and reported
ShopifyMEDIUM
CWE-338

Weak OAuth state parameter

TypeScript
const randomString = Math.random().toString(36).substring(2)
// Same file correctly uses crypto.getRandomValues() elsewhere
Found and reported
Next.js/VercelMEDIUM
CWE-352

CSRF wildcard origin bypass

TypeScript
// Guard intended to block *.com — but *.com has length 2, bypasses check
if (patternParts.length === 1 && patternParts[0] === '**') return false
Found and reported
npx tryassay assess .Run it on your code.

Not just big targets. Real developers. Real repos.

TurfUmpire91/100

Cricket scoring app — Next.js + Supabase

205 claims verified18 bugs found
2 critical1 high15 medium
View full report →

Drop a repo. We'll scan it free. Join the community →

Human-built code scores 91. Here's what AI platforms score.

Bolt.new
0/100
Lovable (App 1)
0/100
Lovable (App 2)
0/100
Replit
0/100

4 platforms verified. 21 bugs found. 0 passed.

How it works

A neurosymbolic verification loop. Neural systems extract claims. Symbolic oracles verify them. The architecture that makes AI output trustworthy.

1Extract

An LLM reads your code and identifies every implicit claim it makes. “This function handles null input.” “This API returns sorted results.” No regex or AST parser can do this — it requires semantic understanding. This is the neural layer.

2Verify

A deterministic oracle tests each claim. For code, that means actual test execution in an isolated subprocess. The oracle doesn’t hallucinate. It runs the code and reports what happened. This is the symbolic layer.

3Report

When claims fail, the loop feeds oracle evidence back to the LLM for targeted fixes. Neural extraction, symbolic verification, deterministic remediation. Not LLM-as-judge. Not manual review. Structured verification.

Benchmarks →What we check →Docs →

Run it

CLInpx tryassay assess .
GitHub Actionuses: gtsbahamas/hallucination-reversing-system/github-action@main
Free Scan

Drop a GitHub URL and we'll run it for you. Join the community →

View pricing →