This article from Cloudflare details the architectural design and implementation of their AI-powered vulnerability harness, Project Glasswing. It focuses on creating a scalable, model-agnostic system that can continuously scan enterprise-level codebases across multiple languages and repositories. Key architectural considerations include state externalization, persistent storage, distributed orchestration, and a two-stage discovery and validation workflow to minimize false positives and enhance reliability.
Read original on Cloudflare BlogTraditional AI agents for security analysis often suffer from limitations such as context window exhaustion, lack of persistence, and inability to perform cross-repository reasoning. Cloudflare's Project Glasswing addresses these by building a robust _harness_ that orchestrates various AI models, treating them as interchangeable components rather than relying on a single model. This model-agnostic approach is crucial for adapting to the rapidly evolving AI landscape and ensuring comprehensive vulnerability coverage.
The system employs a two-stage operational framework: the Vulnerability Discovery Harness (VDH) and the Vulnerability Validation System (VVS). The VDH proactively scans codebases for potential issues, while the VVS is responsible for deduplication, judgment, and fixing. Critically, these two stages use _different_ AI models, ensuring an unbiased, adversarial cross-check of findings. This architectural separation enhances security by preventing a single model's biases from leading to false negatives or positives and improves operational resilience against model volatility.
Context Control and Parallelism
To prevent models from 'hallucinating' due to context window exhaustion, each agent's job is hyper-focused, keeping context usage below 25% of the total window. Persistence must be factored in before parallelism; streaming findings and saving them incrementally ensures that a crash only costs the task in flight, not the entire run.
During the Recon stage, an agent dynamically generates a custom threat model and taxonomy specific to the codebase being analyzed, rather than relying on predefined rules. Hunter agents then move beyond static code analysis, actively compiling code fragments, building small versions, and attacking them within sandboxed environments (built on `unshare`). This approach allows for the discovery of subtle undefined-behavior bugs that static analysis might miss.