G360 Technologies
Autonomous Code Intelligence

RepoAudit: Auditing CodeAs Humans Would

An autonomous LLM-agent designed for large-scale, repository-level code auditing. Detect vulnerabilities, testing gaps, and bugs — no compilation required.

The Problems RepoAudit Solves

🔐

Are you still troubled by code security issues?

Traditional scanners miss logic-level flaws. RepoAudit reasons over your entire codebase to surface vulnerabilities that static tools overlook.

🧪

Have you complained that program testing misses countless bugs?

Test suites can't cover every path. RepoAudit autonomously identifies untested branches and edge cases before they reach production.

⚙️

Have you found static analysis tools too cumbersome to use?

Legacy tools are language-limited, require compilation, and are hard to configure. RepoAudit works out of the box — no build step needed.

Why RepoAudit

Build-Free

No compilation. No setup friction.

No need to compile your programs — detect potential bugs during development, even in incomplete code generated by AI tools like Copilot. RepoAudit analyzes source directly.

Easy to Customize

Plain prompts, not compiler internals.

Forget about dealing with LLVM IR or compiler plugins. Simply write custom prompts using few-shot chain-of-thought (CoT) prompting to extend RepoAudit's detection capabilities.

Multi-Language Support

One tool across your entire stack.

Analyze code across multiple languages with ease. RepoAudit currently supports C/C++, Java, Go, Ada, and binary code — covering the breadth of modern enterprise repositories.

Latest News

(09/2025): RepoAudit supports binary scanning, enabling deep analysis beyond source code. It has already uncovered dozens of critical vulnerabilities with PoC (Proof of Concept) in real-world firmware, proving its effectiveness in securing software supply chains.

(07/2025): We released the preprint of bugscope, an agent that learns to detect diverse bugs from examples. It beats Cursor BugBot and CodeRabbit, detecting 2× more bugs with high precision.

(07/2025): RepoAudit now supports auditing Ada code.

(06/2025): The preprint of “An LLM Agent for Functional Bug Detection in Network Protocols” has been released, providing the technical details of rfcscan!

(05/2025): RepoAudit was accepted to ICML'25.

(04/2025): RepoAudit now can detect functional bugs in network protocol implementations, supporting rfcscan.

(04/2025): We open-sourced the agent dfbscan, a data-flow bug detector in RepoAudit. Stay tuned as we will open-source other agents (such as bugscope, llmsa, rfcscan, patinf, and propscan) in RepoAudit very soon.

(03/2025): We were invited to DARPA's Resilient Software Systems Demo Day.

(03/2025): RepoAudit detected a memory leak in Uber's geospatial indexing system h3. The bug has been confirmed and the patch has been merged by the developers.

(02/2025): We published the preprint of RepoAudit on arXiv.

(01/2025): We were invited to deliver a talk to the CodeQL team @ GitHub.

(09/2024): Two papers on AI code auditing were accepted by Findings of EMNLP'24 and NeurIPS'24.

Get Started

RepoAudit is built for teams at every level — from engineers running their first scan to researchers pushing the frontier of LLM-driven code analysis.

General Users

Get started by checking out our repository's README. It provides step-by-step guides and usage examples.

View README

Domain Experts

Extend RepoAudit with custom detection logic and integrate your own knowledge bases for your specific domain.

Read the Docs

Researchers

Visit the Resources page for LLM-driven code auditing research materials, papers, and datasets.

View Resources

Ready to audit your codebase?

Talk to a G360 engineer about deploying RepoAudit in your environment.

Book a Demo