Anthropic’s vuln harness is more workshop jig than boxed scanner
Original: Anthropic's open-source framework for AI-powered vulnerability discovery
Anthropic’s Defending Code Reference Harness is not presented as a maintained product. The README says the repository is not maintained and is not accepting contributions. That makes the release more useful as a worked example: how should a team wrap an LLM when the goal is vulnerability discovery rather than ordinary code review?
The reference pipeline follows a recon → find → verify → report → patch loop. Its default target is C/C++ memory vulnerability work with Docker and ASAN, while autonomous runs are expected to happen inside a gVisor sandbox. The repo also includes Claude Code skills for threat modeling, scanning, triage, customization, and patch drafting, separating interactive human-reviewed work from runs that execute target code.
The HN discussion quickly moved to practical questions. One prominent comment compared tools like this to shop jigs: valuable for ideas, but often rebuilt around a team’s own interface, target definitions, and alerting style. Another thread focused on operating cost, pointing to the README’s rough token-rate guidance and asking what parallel agents would cost with stronger models.
That is the real takeaway. A vulnerability agent is only partly about the model. The surrounding harness decides what counts as a finding, how crashes are reproduced, how duplicates are removed, which sandbox boundaries are enforced, and when a patch is considered verified. Anthropic also points readers toward its hosted Claude Security product, but the open repo is most interesting as a blueprint for teams that want to build their own pipeline and make those tradeoffs explicit.
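One way to make "what counts as a finding" and "how duplicates are removed" explicit for ASAN output, as an added example that is not code from the Anthropic repository: each report is keyed on bug type, access kind and the top three non-runtime frames of the crash stack. The policy, the `NOISE` list and the sample reports are assumptions constructed for illustration.

```python
import hashlib
import re

ERROR_RE = re.compile(r"ERROR: AddressSanitizer: ([\w-]+)")
ACCESS_RE = re.compile(r"^(READ|WRITE) of size \d+", re.M)
FRAME_RE = re.compile(r"^\s*#(\d+) 0x[0-9a-f]+ in (\S+)", re.M)
# Assumed list of runtime frames that say nothing about the target's bug.
NOISE = ("__asan", "__interceptor_", "__sanitizer", "__libc_start")

def signature(report, depth=3):
    """Stable dedup key for one ASAN report, or None if it is not one."""
    err = ERROR_RE.search(report)
    if err is None:
        return None  # no sanitizer error: not counted as a finding here
    access = ACCESS_RE.search(report)
    frames, seen = [], False
    for num, func in FRAME_RE.findall(report):
        if num == "0" and seen:
            break  # a second "#0" starts the alloc/free stack; ignore it
        seen = True
        if not func.startswith(NOISE):
            frames.append(func)
    parts = [err.group(1), access.group(1) if access else "-"] + frames[:depth]
    return hashlib.sha256("|".join(parts).encode()).hexdigest()[:16]

def dedupe(reports):
    """Map signature -> indices of the reports that share it."""
    groups = {}
    for i, report in enumerate(reports):
        sig = signature(report)
        if sig is not None:
            groups.setdefault(sig, []).append(i)
    return groups

# Constructed sample reports (not output from any real target).
R1 = """==101==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000014
READ of size 4 at 0x602000000014 thread T0
    #0 0x4f1a2a in parse_header /src/parse.c:42:13
    #1 0x4f2b3c in read_file /src/io.c:88:5
    #2 0x4f3000 in main /src/main.c:12:3
allocated by thread T0 here:
    #0 0x4a0b1d in malloc
"""
R2 = R1.replace("==101==", "==977==").replace("0x4f", "0x55f")  # same bug, new PID and addresses
R3 = R1.replace("READ of size 4", "WRITE of size 4")  # WRITE at same site: separate finding
R4 = "target exited with status 1\n"  # failure without a sanitizer report

if __name__ == "__main__":
    print(dedupe([R1, R2, R3, R4]))
```

Raising `depth` splits findings more finely and lowering it merges more of them, which is exactly the kind of tradeoff a team has to choose deliberately.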