Question 1

Do you need access to my production traffic?

Accepted Answer

No. RiskVoid is source-static with a sandboxed adversarial harness. We clone your repo read-only and drive a replica of your agent with synthetic inputs. Production stays untouched.

Question 2

How is this different from a runtime firewall?

Accepted Answer

Runtime firewalls block requests as they arrive, after the vulnerability has already been written, reviewed, and deployed. RiskVoid analyzes the source to stop the vulnerability from shipping in the first place. Use both; they live in different parts of the SDLC.

Question 3

How is this different from a general SAST tool?

Accepted Answer

SAST tools understand functions; they don't understand prompts or tool graphs. RiskVoid builds a graph of every untrusted string that can reach every tool call: the attack surface unique to agents.

Question 4

What's the feedback loop with my repo?

Accepted Answer

Our GitHub App analyzes every PR. Each finding opens as a review comment with a suggested patch; merging the patch closes the finding automatically. Findings also mirror to Jira, Linear, or Slack.

Question 5

Which severity scale do you use?

Accepted Answer

Five levels (critical, high, medium, low, and informational), mapped to CVSS 3.1 and OWASP LLM Top 10. Overrides are configurable per repo.

Question 6

How do you handle secrets in the sandbox?

Accepted Answer

Real secrets never touch the sandbox. We substitute honeytoken credentials with the same shape and watch where they end up; any exfil attempt becomes a finding, not a breach.

Notes on AI agent security.

Agents, Leaks & Regulations

Security Risks in n8n Workflows: A Practical Guide

Claude Goes to War: Inside China's GTG-1002 Autonomous Cyberattack