Pwnkemon

Notes from the team

Architecture decisions, technique writeups, and product stories from building an agentic security platform. Updated when we ship something worth writing about.

Architecture·9 June 2026·6 min read

We put an LLM in the triage loop on purpose. Here's the reasoning.

A rules engine can tell you a CVE exists. It can't tell you whether it matters in your repo. That judgement — the part a senior engineer does in their head before they bother you — is exactly what a language model is good at, and exactly where most scanners stop. Here's where the model helps, where it doesn't, and the guardrails that keep it honest.

Read →
Architecture·9 June 2026·7 min read

We scan your private repo. Here's why we can't leak it.

Handing a third party read access to your source code is a real risk, and 'trust us' is not an answer. So we built the scanner so that even a fully compromised scan container can't exfiltrate your code or steal a credential. No long-lived secrets on the box, per-scan tokens, locked-down egress. Here is the actual architecture.

Read →
Story·5 June 2026·6 min read

IronWorm wants to run on your CI runner. Ours doesn't run there at all.

JFrog and Ox Security disclosed IronWorm: a self-propagating npm worm with a Rust infostealer that fires from a preinstall hook and hunts 86 env vars and 20 credential files. Here's exactly what our no-code-on-your-runner architecture buys you when a worm like this is live, and, honestly, where it doesn't help.

Read →
Story·25 May 2026·7 min read

13 minutes against OWASP Juice Shop: anatomy of a real Pwnkemon scan

We pointed Pwnkemon at the most-scanned vulnerable web app in the world and let the agent decide what to look for. 13 minutes later: 11 confirmed findings including a critical SQL injection that took the app offline and a JWT key exposure path to admin takeover. Here's what the agent actually did, in order.

Read →
Story·24 May 2026·4 min read

The day our daily self-scan saved our launch

Six hours before launch, our own product caught seventeen CVEs we'd picked up overnight. Including a cryptography library advisory published less than twelve hours earlier. Here's what dogfooding actually looks like.

Read →
Architecture·24 May 2026·6 min read

Why we don't run scanners on your GitHub runner

Every other security GitHub Action runs scanner code on your CI runner, the same runner that holds your deploy secrets. We think that's the wrong tradeoff. Here's the architecture we chose instead.

Read →
Architecture·23 May 2026·5 min read

What an LLM-triaged security report should look like

Most scanners ship you a database query result and call it a report. We think the report IS the product. Here's the anatomy of a Pwnkemon scan output: what's in it, what's deliberately left out, and why.

Read →