Coding
Revelio: Cost-Efficient Agentic Memory Safety Vulnerability Detection For Repository-Scale Codebases
Revelio is an end-to-end framework designed for cost-efficient detection of memory safety vulnerabilities in large codebases, leveraging inexpensive large language models (LLMs) and lightweight static analysis. It generates executable Proof-of-Vulnerability to mitigate hallucination issues, confirming vulnerabilities with a deterministic sanitizer. Evaluated on seven production-quality projects and 100 CyberGym benchmark projects, Revelio identified 19 previously unknown vulnerabilities at a total cost of $300, outperforming existing coding agents on benchmarks, thus providing a scalable solution for practitioners in memory safety detection.
memorysafetyvulnerability