Quality assurance · Production

Cloudflare builds a multi-agent vulnerability research harness with Anthropic's Mythos Preview

The problem

Triaging security vulnerabilities at scale is hard: deciding which bugs are real and exploitable wastes analyst time, AI vulnerability scanners made the noise problem worse, and generic coding agents lack the context and throughput to meaningfully cover large codebases.

First attempt

Using generic coding agents for vulnerability research produced findings but not meaningful coverage. Previous frontier models identified bugs but could not chain them into working exploits, leaving exploitability an open question. Letting the model write its own patches introduced new regressions.

Workflow diagram · grounded in source
1
Recon: map attack surface
ai_action
“An agent reads the repository from the top down, fans out to subagents responsible for each subsystem, and produces an architecture document covering build commands, trust boundaries, entry points, and likely attack surface. It also gene…”
2
Hunt: parallel bug finding
ai_action
“Each task is one attack class paired with a scope hint. Hunters (the agents that actually look for bugs) run concurrently, typically around fifty at once, each fanning out to a handful of exploration subagents. Each hunter has access to …”
3
Validate: adversarial review
validation
“An independent agent re-reads the code and tries to disprove the original finding. It uses a different prompt and has no ability to emit new findings of its own.”
4
Gapfill: re-queue gaps
feedback_loop
“Hunters flag areas they touched but didn't cover thoroughly. Those areas get re-queued for another pass.”
5
Dedupe: collapse root causes
routing
“Findings that share the same root cause collapse into a single record.”
6
Trace: confirm reachability
ai_action
“For each confirmed finding in a shared library, a tracer agent fans out (one instance per consumer repository), uses a cross-repo symbol index, and decides whether attacker-controlled input actually reaches the bug from outside the system.”
7
Feedback: loop reachable findings
feedback_loop
“Reachable traces become new hunt tasks in the consumer repositories where the bug is actually exposed.”
8
Report: structured output
output
“An agent writes a structured report against a predefined schema, fixes any validation errors against that schema itself, and submits the report to an ingest API.”
Reported outcome

A multi-agent harness built around Mythos Preview produces noticeably higher quality findings with fewer hedged results, and can chain low-severity bugs into working proofs of concept, turning speculative findings into actionable ones.

Reported metrics
Finding qualitynoticeably higher quality: fewer hedged findings, clearer reproduction steps, and less work to reach a fix-or-dismiss decision
Exploit chain capabilitychain them into a single, more severe exploit
Proof-of-concept generationcombining multiple vulnerabilities into a working proof of concept rather than reporting them in isolation
Reported stack
Mythos Preview
Source
https://blog.cloudflare.com/cyber-frontier-models/
Read source ↗

Frequently asked questions

What did this team achieve with this AI workflow?

A multi-agent harness built around Mythos Preview produces noticeably higher quality findings with fewer hedged results, and can chain low-severity bugs into working proofs of concept, turning speculative findings int…

What tools did this team use?

Mythos Preview.

What results were reported?

Finding quality: noticeably higher quality: fewer hedged findings, clearer reproduction steps, and less work to reach a fix-or-dismiss decision; Exploit chain capability: chain them into a single, more severe exploit; Proof-of-concept generation: combining multiple vulnerabilities into a working proof of concept rather than reporting them in isolation (source-reported, not independently verified).

What failed first in this deployment?

Using generic coding agents for vulnerability research produced findings but not meaningful coverage.

How is this quality assurance AI workflow structured?

Recon: map attack surface → Hunt: parallel bug finding → Validate: adversarial review → Gapfill: re-queue gaps → Dedupe: collapse root causes → Trace: confirm reachability → Feedback: loop reachable findings → Report: structured output.