Show HN: Probus, AI vuln scanner
A May 5, 2026 Hacker News post announcing Probus, an AI-assisted vulnerability scanner. The author says the tool was run against projects they use and lists reported findings in n8n, Vercel AI SDK, LangGraph.js, browser-use, and Haystack.
Date
May 5, 2026
First Seen
May 5, 2026
Last Reviewed
May 8, 2026
Publisher
Hacker News
Source Type
post
Related reading
OpenClaw Security GuideA practical baseline for local binding, scoped credentials, sandboxing, runtime checks, and Armorer Guard.
Securing OpenClaw with Armorer GuardHow Armorer wraps OpenClaw with managed setup, Docker hardening, health checks, approvals, and Guard-backed scanning.
Source Summary
What It Contains
A May 5, 2026 Hacker News post announcing Probus, an AI-assisted vulnerability scanner. The author says the tool was run against projects they use and lists reported findings in n8n, Vercel AI SDK, LangGraph.js, browser-use, and Haystack.
Extracted Claims
- The author reports three Vercel AI SDK findings, including a runtime schema bypass in
ToolLoopAgent. - The post links the Vercel AI SDK findings to GitHub pull requests, including PR #14750 for
callOptionsSchemaenforcement. - The described scanner design separates analyst, researcher, and QA agents, with each agent running in its own query session and a filesystem sandbox scoped to the target repository.
Evidence Quality
Useful fresh public discussion and discovery context, but it is not the primary vulnerability record. The linked upstream GitHub pull request is the stronger evidence for the Vercel AI SDK issue.
Follow-Up
- Prefer upstream project PRs, advisories, or releases for authoritative remediation details.
- Track whether the scanner's multi-agent verification pattern becomes a reusable defensive control or benchmark for agent-framework security testing.