# deepsec: Agent-Powered Vulnerability Scanner for Your Codebase
**deepsec** is an agent-powered vulnerability scanner developed by Vercel Labs that runs directly in your own infrastructure — no cloud dependency, no data leaving your servers. It leverages coding agents (Claude Code, Codex) at maximum "thinking" levels to perform deep, exhaustive security audits of large codebases, surfacing hard-to-find vulnerabilities that have been lurking undetected for years. The scanner fans work out across multiple worker machines in parallel for large repos, and all operations are idempotent — interrupt a job and restart, and deepsec picks up exactly where it left off. It's designed for teams who need thorough security reviews without relying on third-party SaaS scanners.
## Key Features
- **Agent-Powered Deep Analysis**: Uses coding agents configured for maximum thinking effort to analyze every corner of your codebase — including business logic flaws, authentication weaknesses, and subtle injection vectors that pattern-matching scanners miss entirely.
- **Self-Hosted & Infrastructure-Ready**: Runs entirely in your own environment (`npx deepsec init`, `pnpm deepsec scan`), with optional Vercel Sandbox for isolation. No code ever leaves your infrastructure.
- **Extensible Matcher System**: Ships with built-in matchers for common CWEs, but lets you write custom matchers to capture project-specific vulnerability patterns. Plugins are supported via an extension API.
- **Idempotent Parallel Scanning**: Work fans out across distributed workers for large repos. Commands are fully idempotent — partial runs resume from exactly where they stopped.
## Community Discussions
**Issue #33 — Rate Limit Handling Gets Ugly** ([4 comments](https://github.com/vercel-labs/deepsec/issues/33))
> "I ran deepsec on my project using Claude Code on a 20x Max plan. It hit rate limits and I got this output: `Agent SDK error: Claude Code returned an error result: You've hit your limit · resets 3:30am` — Many affected investigations then still show: `Investigation complete` as if nothing happened."
A user confirmed this on Windows. The maintainer quickly acknowledged it and a PR was opened to mark quota-exceeded batches as `partial` and `retryable` rather than silently marking files as analyzed. This shows the project responding actively to real-world usage friction.
---
**Issue #32 — Codex Quota Confusion** ([4 comments](https://github.com/vercel-labs/deepsec/issues/32))
> "When running `pnpm deepsec process --project-id meseeks` with `--agent codex`, I keep getting `Codex stream error: Quota exceeded.` — The requests went through my API_KEY somehow, and burned everything I had."
A user discovered that deepsec was falling back to their API key instead of the Codex CLI session they'd been using all day. A maintainer clarified that the Codex error comes from the Codex CLI itself, not deepsec, and recommended running `/status` inside a `codex` CLI session to check the quota profile being used. The distinction between CLI auth and API key auth caught at least one user off guard.
---
**Issue #46 — Tarball Symlink Escape (CVE Class Fix)** ([3 comments](https://github.com/vercel-labs/deepsec/issues/46))
> "extractTarballLocally previously shelled out to `tar -xzvf` with no hardening, so a tarball produced inside the (untrusted) sandbox VM could plant a symlink member followed by a regular file member writing through it. That turned sandbox-side code execution into orchestrator host arbitrary file write — a clean escape across the trust boundary the README threat model defines."
The fix switched to node-tar with runtime resolution against pnpm's node_modules, effectively closing a CVE-2007-4131/CVE-2018-20482 class vulnerability where malicious sandbox output could escape to the host. The maintainer also required signed commits for the security patch. The Socket Security bot was automatically tagged to review the dependency change.
## Summary
deepsec is a seriously impressive piece of security tooling — the idea of letting a coding agent with maximum thinking effort tear through your entire codebase, including the hard-to-reach corners like business logic and subtle auth flows, is genuinely new territory. The fact that it caught a tarball escape vulnerability in its own sandbox implementation proves it can find real issues. The community is small but active, with maintainers responding quickly to bug reports and feature requests. Worth adding to your security toolkit if you're shipping production code.
[@vercel-labs](https://github.com/vercel-labs) · [GitHub Repository](https://github.com/vercel-labs/deepsec) · [⭐ 1,233](https://github.com/vercel-labs/deepsec/stargazers)