{
  "schema_version": "1.0",
  "id": "archive:https://github.com/usestrix/strix",
  "slug": "strix-1phvzm1",
  "url": "https://feed7.dev/p/strix-1phvzm1",
  "title": "usestrix/strix",
  "why_included": "Strix is an Apache-2.0 open-source AI pentesting agent trending on GitHub: multi-agent recon and exploitation against your own apps, validating findings with working PoCs and generating fix PRs.",
  "summary": "**The gist** Strix, an open-source autonomous pentesting platform at **30.9k GitHub stars**, runs code dynamically and validates every finding with a working proof-of-concept. **Multi-agent** orchestration chains recon, exploitation, and post-exploitation; coverage spans the **OWASP Top 10** — SQL injection, XSS, SSRF, IDOR, JWT attacks — with CVSS scoring and **auto-fix pull requests**. Apache 2.0, written in Python.",
  "practical_implication": "**Why it matters** It fits a coding-agent workflow: point it at a local codebase, a GitHub repo, or a live app, or run it headless in **CI via GitHub Actions** to catch vulnerabilities your code-writing agent introduced. You **bring your own LLM key** (OpenAI, Anthropic, or Gemini models are recommended).",
  "agent_context": "**The gist** Strix, an open-source autonomous pentesting platform at **30.9k GitHub stars**, runs code dynamically and validates every finding with a working proof-of-concept. **Multi-agent** orchestration chains recon, exploitation, and post-exploitation; coverage spans the **OWASP Top 10** — SQL injection, XSS, SSRF, IDOR, JWT attacks — with CVSS scoring and **auto-fix pull requests**. Apache 2.0, written in Python.\n\n**Why it matters** It fits a coding-agent workflow: point it at a local codebase, a GitHub repo, or a live app, or run it headless in **CI via GitHub Actions** to catch vulnerabilities your code-writing agent introduced. You **bring your own LLM key** (OpenAI, Anthropic, or Gemini models are recommended).\n\n**Watch out** It generates **working exploits**, so only test apps you own or have permission to test. First runs pull a sandbox image and need **Docker** running, and the project is in active development with open issues.",
  "source": {
    "name": "GitHub",
    "url": "https://github.com/usestrix/strix",
    "published_at": null
  },
  "source_class": "tool",
  "content_type": "GitHub Repo",
  "layer": null,
  "domains": [],
  "topics": [],
  "verification": {
    "status": "needs_review",
    "label": "Needs Review",
    "method": "unverified",
    "verified_at": null
  },
  "uncertainty": [
    "It generates **working exploits**, so only test apps you own or have permission to test. First runs pull a sandbox image and need **Docker** running, and the project is in active development with open issues."
  ],
  "lifecycle": "Current",
  "published_at": null,
  "modified_at": null,
  "supersedes": [],
  "expires_at": null,
  "formats": {
    "html": "https://feed7.dev/p/strix-1phvzm1",
    "json": "https://feed7.dev/p/strix-1phvzm1.json",
    "markdown": "https://feed7.dev/p/strix-1phvzm1.md"
  }
}