Argus247

A security guard that never sleeps: An autonomous AI agent that proactively detects, reasons about, and patches vulnerabilities in real-time.

Comment

Inspiration

In the world of cybersecurity, the gap between a vulnerability being discovered and a patch being deployed is where attacks happen. Traditional tools are often passive—they wait for a scheduled scan or a developer to run a linter. We asked ourselves: "What if we had a security engineer who never slept, never lost context, and could fix code the moment it broke?"

We wanted to move beyond simple pattern matching (Regex) and build an agent that understands the intent of the code, reasons about potential attack vectors using "System 2" thinking, and autonomously takes action to secure the system.

What it does

Argus247 is a "Marathon Agent"—an always-on loop that lives inside your development environment.

  1. Monitors: It watches a live file system for changes.
  2. Reasons: It uses Gemini 3 Pro's thinking capabilities to analyze code, not just for syntax, but for security logic (e.g., "Is this input sanitized before reaching the database?").
  3. Remembers: It maintains a "Thought Signature"—a compressed memory of its previous reasoning—so it doesn't start from scratch every scan cycle.
  4. Patches: When a threat is found, it generates a secure code patch.
  5. Verifies: It simulates a browser/test environment to verify the fix doesn't break functionality before deploying it.

How we built it

We built Argus247 as a sophisticated React application that simulates a complete server environment in the browser.

  • The Brain: We utilized the Google Gemini API, specifically the Gemini 3 Pro model for high-budget "thinking" tasks (Analysis & Patching) and Gemini Flash for high-speed verification loops.
  • The Environment: We engineered a Virtual File System (VFS) in React state. This allows users to edit code in real-time (like adding a SQL injection), and the agent reads from this VFS just like a real agent would read from disk.
  • The Loop: The core is an asynchronous recursive loop that manages token budgets, handles API rate limits with exponential backoff, and updates the UI with the agent's "Thought Process".
  • Visualization: We used HTML5 Canvas for the network traffic visualizer and Recharts for live metric tracking to make the invisible work of the AI visible to the user.

Challenges we ran into

  • Rate Limits & Quotas: The Gemini 3 Pro "Thinking" model is powerful but resource-intensive. We frequently hit 429 Resource Exhausted errors. We solved this by implementing an exponential backoff retry mechanism and tuning the agent's "Thinking Budget" and scan intervals dynamically.
  • Context Management: Passing the entire history of logs and code to the LLM every few seconds is too expensive. We had to design the "Thought Signature" system—a way for the agent to summarize its current state into a small string to pass to its future self.
  • Browser Simulation: Demonstrating "patching" in a static web app was tricky. We had to build a fully reactive code editor that permits the AI to overwrite user input in real-time without breaking the React render cycle.

Accomplishments that we're proud of

  • The "Alive" Feeling: The agent genuinely feels autonomous. You can break the code, sit back, and watch the cursor move (virtually) as the file updates itself with a fix.
  • Visualizing Thought: We successfully exposed the hidden "Thinking" tokens of Gemini 3, allowing users to see why the agent decided a piece of code was vulnerable.
  • Resilience: The system recovers gracefully from API errors, ensuring the "Security Guard" never actually crashes, just takes a breather.

What we learned

  • Cognitive Architectures: We learned that "System 2" thinking (slow, deliberative) is vastly superior for security auditing than "System 1" (fast, predictive). Giving the model a token budget to "think" drastically reduced false positives.
  • Agent Loops: Building a loop that runs forever requires careful memory management and state synchronization, especially in a frontend framework like React.
  • Human-AI Trust: Showing the "Thought Signature" builds trust. Users need to know why an agent is changing their code.

What's next for Argus247

  • Real File System Access: Porting the core logic to an Electron app or a VS Code Extension to patch actual local files.
  • Multi-File Context: enabling the agent to understand dependencies across the entire project tree, not just active files.
  • CI/CD Integration: deploying Argus247 as a GitHub Action that autonomously opens PRs with fixes for security vulnerabilities.

Built With

Share this project:

Updates