{"id":47355827,"url":"https://github.com/sahajamoth/apex","last_synced_at":"2026-03-27T05:02:11.557Z","repository":{"id":343966831,"uuid":"1179889266","full_name":"sahajamoth/apex","owner":"sahajamoth","description":"APEX — Autonomous Path EXploration. Drives any repository toward 100% branch coverage.","archived":false,"fork":false,"pushed_at":"2026-03-15T23:07:40.000Z","size":2882,"stargazers_count":2,"open_issues_count":5,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-03-16T09:46:36.404Z","etag":null,"topics":["agentic-coding","ai-agent","ai-coding","ai-developer-tools","ai-testing","autonomous-testing","code-coverage","concolic-execution","fuzzing","generative-ai","llm","python","rust","sast","security","static-analysis","symbolic-execution","test-automation","testing","vibe-coding"],"latest_commit_sha":null,"homepage":null,"language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sahajamoth.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-03-12T13:39:48.000Z","updated_at":"2026-03-15T21:53:02.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/sahajamoth/apex","commit_stats":null,"previous_names":["allexdav2/apex","sahajamoth/apex"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/sahajamoth/apex","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sahajamoth%2Fapex","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sahajamoth%2Fapex/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sahajamoth%2Fapex/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sahajamoth%2Fapex/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sahajamoth","download_url":"https://codeload.github.com/sahajamoth/apex/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sahajamoth%2Fapex/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30642995,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-18T01:41:58.583Z","status":"online","status_checked_at":"2026-03-18T02:00:07.824Z","response_time":104,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agentic-coding","ai-agent","ai-coding","ai-developer-tools","ai-testing","autonomous-testing","code-coverage","concolic-execution","fuzzing","generative-ai","llm","python","rust","sast","security","static-analysis","symbolic-execution","test-automation","testing","vibe-coding"],"created_at":"2026-03-18T02:30:15.843Z","updated_at":"2026-03-27T05:02:11.541Z","avatar_url":"https://github.com/sahajamoth.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# APEX — Autonomous Path EXploration\n\n[![CI](https://github.com/sahajamoth/apex/actions/workflows/ci.yml/badge.svg)](https://github.com/sahajamoth/apex/actions/workflows/ci.yml)\n[![Release](https://img.shields.io/github/v/release/sahajamoth/apex?label=release)](https://github.com/sahajamoth/apex/releases/latest)\n[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE)\n[![0 crashes](https://img.shields.io/badge/crashes-0_across_10_repos-green)](docs/real-world-validation-summary.md)\n[![Validated](https://img.shields.io/badge/validated-Linux_%7C_K8s_%7C_CPython-blue)](docs/real-world-validation-summary.md)\n[![6600+ tests](https://img.shields.io/badge/tests-6600%2B_passing-green)](https://github.com/sahajamoth/apex/actions/workflows/ci.yml)\n[![63 detectors](https://img.shields.io/badge/detectors-63-blue)](docs/DETECTORS.md)\n[![Claude Code Plugin](https://img.shields.io/badge/Claude_Code-plugin-blueviolet)](https://claude.com/claude-code)\n\n**Find vulnerabilities. Fix coverage gaps. Automatically.**\n\nAPEX is a Claude Code plugin that scans your codebase for security gaps, dead code,\nand untested branches — then writes the tests to fix them. 63 detectors, 11 languages,\nzero config. Works as both a CLI tool and a set of AI agents inside Claude Code.\n\n\u003e **Validated against:** Linux kernel · Kubernetes · CPython · TypeScript compiler ·\n\u003e ripgrep · Spring Boot · .NET Runtime · Vapor · Rails · ktor\n\u003e\n\u003e Found a hardcoded EC private key in Kubernetes (CWE-798).\n\u003e Scanned the Linux kernel in 4 minutes. 0 crashes across 12,656 findings.\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"docs/assets/real-world-validation.svg\" alt=\"APEX real-world validation results\" width=\"780\"\u003e\n\u003c/p\u003e\n\n[Full validation report →](docs/real-world-validation-summary.md)\n\n---\n\n## Quick Start\n\n### 1. Install the binary\n\n```bash\n# macOS / Linux (auto-detects platform, no sudo needed)\ncurl -LsSf https://github.com/sahajamoth/apex/releases/latest/download/apex-cli-installer.sh | sh\n```\n\n```powershell\n# Windows\npowershell -ExecutionPolicy ByPass -c \"irm https://github.com/sahajamoth/apex/releases/latest/download/apex-cli-installer.ps1 | iex\"\n```\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eAlternative install methods\u003c/strong\u003e\u003c/summary\u003e\n\n```bash\n# From source (needs Rust toolchain, ~5 min)\ncargo install --git https://github.com/sahajamoth/apex\n\n# Nix\nnix run github:sahajamoth/apex\n```\n\nPackage registry publishing (npm, Homebrew, pip) coming soon.\n\n\u003c/details\u003e\n\n### 2. Install the Claude Code plugin\n\n```bash\n# Add the APEX marketplace (GitHub repo)\nclaude plugins marketplace add sahajamoth/apex\n\n# Install the APEX plugin from it\nclaude plugins install apex@apex\n```\n\nOr from a local clone:\n\n```bash\ngit clone https://github.com/sahajamoth/apex.git\nclaude plugins marketplace add ./apex\nclaude plugins install apex@apex\n```\n\n### 3. Run\n\n```\n# In Claude Code:\n/apex init      # Auto-detect language, venv, toolchain\n/apex           # Full analysis: coverage + security + intelligence\n/apex detect    # Security scan (63 detectors, 40+ CWEs)\n/apex hunt      # Bug hunting in uncovered code\n/apex deploy    # Deploy readiness score\n```\n\nAPEX agents detect your environment, install missing tools\n(via uv, bun, mise), run coverage, write tests, and produce reports.\n\n\u003e **Not using Claude Code?** See [Standalone Installation](docs/STANDALONE.md)\n\u003e for CLI binary, GitHub Actions, and CI/CD setup.\n\n---\n\n## What APEX Finds in Real Projects\n\n\u003e The output below is from Claude Code running the `/apex` command.\n\u003e APEX agents orchestrate the full analysis cycle automatically.\n\n```\n\u003e /apex\n\n  ╭──────────────────────────────────────────────────╮\n  │  APEX — Autonomous Path EXploration              │\n  │  Target: ./your-project  (Python, 847 branches)  │\n  ╰──────────────────────────────────────────────────╯\n\n  Round 1/5 ─────────────────────────────────────────\n\n  Coverage: 62% → 71% (+9%)\n  +142 branches covered | 203 remaining | 8 tests written\n```\n\n```\n  Round 5/5 ─────────────────────────────────────────\n\n  Coverage: 71% → 94% (+23%)\n  Final: 798/847 branches covered\n  Tests written: 31 new tests across 6 files\n```\n\nThen ask Claude for intelligence:\n\n```\n\u003e /apex intel\n\n  ┌─ Test Optimization ──────────────────────────────┐\n  │  312 tests → 94 minimal set (3.3× speedup)       │\n  │  218 tests are redundant — same branch coverage   │\n  └──────────────────────────────────────────────────┘\n\n  ┌─ Dead Code ──────────────────────────────────────┐\n  │  23 branches in 4 files — never executed by any   │\n  │  test or production path                          │\n  │                                                   │\n  │  src/billing.py:89   unreachable after refactor   │\n  │  src/export.py:34    legacy XML path, 0 callers   │\n  │  src/api.py:201      dead error handler           │\n  └──────────────────────────────────────────────────┘\n\n  ┌─ Flaky Tests ────────────────────────────────────┐\n  │  2 tests show nondeterministic branch paths       │\n  │                                                   │\n  │  test_concurrent_upload — race in file locking    │\n  │  test_session_timeout  — depends on wall clock    │\n  └──────────────────────────────────────────────────┘\n\n  ┌─ Security ───────────────────────────────────────┐\n  │  src/auth.py:67  — auth bypass: no token check    │\n  │  on admin endpoint (reachable from test_api)      │\n  │                                                   │\n  │  src/config.py:12 — hardcoded secret:             │\n  │  AWS_KEY = \"AKIA...\" (not from env)               │\n  └──────────────────────────────────────────────────┘\n\n  ┌─ Hot Paths ──────────────────────────────────────┐\n  │  src/auth.py:45  — 12.3% of all branch hits      │\n  │  src/db.py:112   — 8.7% of all branch hits       │\n  │  These functions need the most test coverage.     │\n  └──────────────────────────────────────────────────┘\n\n  Deploy Score: 87/100 — GO\n```\n\n---\n\n## Why APEX?\n\n| | APEX | Semgrep | CodeQL | Snyk | coverage.py |\n|---|:---:|:---:|:---:|:---:|:---:|\n| Claude Code integration | **native** | — | — | — | — |\n| AI agents (hunt, plan, fix) | ✓ | — | — | — | — |\n| Auto-writes tests | ✓ | — | — | — | — |\n| 63 detectors, 40+ CWEs | ✓ | ✓ | ✓ | ✓ | — |\n| Branch-level coverage | ✓ | — | — | — | line only |\n| CPG taint analysis | ✓ | ✓ | ✓ | — | — |\n| Security + coverage unified | ✓ | security | security | security | coverage |\n| MCP server (33 tools) | ✓ | — | — | — | — |\n| Deploy readiness score | ✓ | — | — | — | — |\n| Single binary, zero deps | ✓ | ✓ | cloud | cloud | pip |\n| 11 languages | ✓ | ✓ | ✓ | ✓ | Python |\n\n---\n\n## Installation\n\n### Claude Code Plugin (Recommended)\n\n```bash\n# From GitHub\nclaude plugins marketplace add sahajamoth/apex\nclaude plugins install apex@apex\n\n# Or from a local clone\ngit clone https://github.com/sahajamoth/apex.git\nclaude plugins marketplace add ./apex\nclaude plugins install apex@apex\n```\n\nThis installs slash commands, 20+ AI agents, and 33 MCP tools.\n\n### Verify\n\nIn Claude Code:\n```\n/apex init      # Should detect your project and generate apex.toml\napex doctor     # Should show all green checks\n```\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eWhat gets installed\u003c/strong\u003e\u003c/summary\u003e\n\n| Component | Description |\n|-----------|-------------|\n| `apex` binary | CLI tool with 35+ subcommands |\n| 33 MCP tools | `apex_run`, `apex_audit`, `apex_complexity`, etc. — callable by Claude |\n| `/apex` slash commands | `/apex`, `/apex detect`, `/apex hunt`, `/apex deploy`, `/apex intel` |\n| 20+ AI agents | `apex`, `apex-hunter`, `apex-captain`, per-language crew agents |\n| `apex.toml` generator | Auto-config via `apex init` |\n\n\u003c/details\u003e\n\n\u003e **Standalone CLI, GitHub Actions, CI/CD:** See [docs/STANDALONE.md](docs/STANDALONE.md)\n\n---\n\n## Commands Reference\n\n\u003e All commands work both as Claude Code slash commands (`/apex detect`)\n\u003e and as standalone CLI (`apex audit --target . --lang python`).\n\u003e Full standalone docs: [docs/STANDALONE.md](docs/STANDALONE.md)\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eCore\u003c/strong\u003e\u003c/summary\u003e\n\n```bash\napex run --target ./project --lang python      # Coverage gap report\napex ratchet --target ./project --min-cov 0.8  # CI gate\napex doctor                                     # Check dependencies\napex audit --target ./project --lang python     # Security audit\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003ePack A: Per-Test Branch Index\u003c/strong\u003e\u003c/summary\u003e\n\n```bash\napex index --target ./project --lang python --parallel 8\n```\n\nRuns each test individually under coverage, builds a map of test→branches.\nStored in `.apex/index.json`. Required before intelligence commands.\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003ePack B: Test Intelligence\u003c/strong\u003e\u003c/summary\u003e\n\n```bash\napex test-optimize --target .                  # Minimal test subset\napex test-prioritize --target . --changed-files src/auth.py\napex flaky-detect --target . --lang python --runs 5\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003ePack C: Source Intelligence\u003c/strong\u003e\u003c/summary\u003e\n\n```bash\napex dead-code --target .                      # Semantically dead code\napex lint --target . --lang python             # Runtime-prioritized lints\napex complexity --target .                     # Exercised vs static complexity\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003ePack D: Behavioral Analysis \u0026 CI/CD\u003c/strong\u003e\u003c/summary\u003e\n\n```bash\napex diff --target . --base main               # Behavioral diff\napex regression-check --target . --base main   # CI gate for behavior changes\napex risk --target . --changed-files src/auth.py\napex hotpaths --target . --top 20\napex contracts --target .                      # Discover invariants\napex deploy-score --target .                   # Aggregate confidence 0-100\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003ePack E: Documentation\u003c/strong\u003e\u003c/summary\u003e\n\n```bash\napex docs --target . --output docs/behavioral.md\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003ePack F: Security\u003c/strong\u003e\u003c/summary\u003e\n\n```bash\napex attack-surface --target . --lang python --entry-pattern test_api\napex verify-boundaries --target . --lang python \\\n  --entry-pattern test_api --auth-checks check_auth --strict\n```\n\n\u003c/details\u003e\n\n---\n\n## Claude Code Integration\n\nAPEX integrates natively with Claude Code for an AI-enhanced workflow.\nThe standalone CLI works without any AI tooling — Claude Code adds\nslash commands and auto-triggered agents on top.\n\n### Slash Commands\n\n| Command | What it does |\n|---------|-------------|\n| `/apex` | **Dashboard** — deploy score, key findings, recommended next actions |\n| `/apex-run` | **Autonomous loop** — measures gaps, writes tests, re-measures, repeats |\n| `/apex-index` | Build per-test branch index for intelligence commands |\n| `/apex-intel` | Full SDLC intelligence — test quality, risk, dead code, hotpaths, contracts |\n| `/apex-deploy` | Deployment readiness — GO / CAUTION / BLOCK with confidence score |\n| `/apex-status` | Coverage table for the workspace |\n| `/apex-gaps` | Top uncovered regions with explanations and suggested tests |\n| `/apex-generate` | Generate tests targeting uncovered branches in a crate |\n| `/apex-ci 0.8` | CI gate — fails if below threshold |\n\n### Auto-triggered Agents\n\nThese fire automatically when Claude Code detects a matching intent:\n\n| Agent | Trigger examples |\n|-------|-----------------|\n| **apex-coverage-analyst** | \"what's our coverage?\", \"which parts are uncovered?\" |\n| **apex-test-writer** | \"write tests for X\", \"improve coverage in Y\" |\n| **apex-runner** | \"run apex against Z\", \"run apex on itself\" |\n| **apex-sdlc-analyst** | \"what's our deploy score?\", \"find flaky tests\" |\n\n### Strategy Selection\n\nThe `/apex-run` loop automatically picks the best strategy per gap:\n\n| Target | Primary | Fallback |\n|--------|---------|----------|\n| Rust workspace | Source-level tests | fuzz harness |\n| Python project | Source-level tests | concolic execution |\n| C/Rust binary | fuzz | driller (when fuzz stalls) |\n| JavaScript | Source-level tests | — |\n\n---\n\n## Architecture\n\nRust workspace, 16 crates. Heavy dependencies (Z3, LibAFL, PyO3, Inkwell,\nFirecracker) are behind feature flags — not compiled by default.\n\n| Crate | Role |\n|-------|------|\n| `apex-core` | Shared types, traits, config |\n| `apex-coverage` | Coverage oracle, bitmap tracking, continuous branch distance heuristics |\n| `apex-instrument` | Multi-language instrumentation (Python, JS, Java, Rust, LLVM, WASM) |\n| `apex-lang` | Language-specific test runners |\n| `apex-sandbox` | Process / WASM / Firecracker isolation |\n| `apex-agent` | AI-driven test generation, priority scheduler, solver cache |\n| `apex-synth` | Test synthesis via Tera templates + LLM-guided refinement loop |\n| `apex-symbolic` | SMT-LIB2 constraint solving, gradient descent solver (optional Z3) |\n| `apex-concolic` | Concolic execution (optional PyO3 tracer) |\n| `apex-fuzz` | Coverage-guided fuzzing with MOpt (optional LibAFL) |\n| `apex-detect` | Security patterns, hardcoded secrets, CWE-mapped findings |\n| `apex-cpg` | Code Property Graph — taint analysis via reaching definitions |\n| `apex-index` | Per-test branch indexing, SDLC analysis |\n| `apex-rpc` | gRPC distributed coordination |\n| `apex-mir` | MIR parsing, control-flow analysis |\n| `apex-cli` | CLI binary — 20 subcommands |\n\n### Analysis Mechanisms\n\nAPEX integrates fundamental mechanisms from established tools\n(see [docs/INSPIRATION.md](docs/INSPIRATION.md) for details):\n\n| Mechanism | From | APEX Crate |\n|-----------|------|------------|\n| Continuous branch distance (Korel fitness) | EvoMaster | `apex-coverage` |\n| Gradient descent constraint solving | Angora | `apex-symbolic` |\n| Code Property Graph + taint analysis | Joern | `apex-cpg` |\n| LLM-guided test refinement (closed loop) | CoverUp | `apex-synth` |\n| Priority-based exploration scheduler | Owi + EvoMaster | `apex-agent` |\n| Solver caching with negation inference | Owi | `apex-agent` |\n\n\u003cdetails\u003e\n\u003csummary\u003eOptional feature flags\u003c/summary\u003e\n\n| Feature | Crate | Enables |\n|---------|-------|---------|\n| `llvm-instrument` | apex-instrument | LLVM-based instrumentation via inkwell |\n| `wasm-instrument` | apex-instrument | WebAssembly instrumentation |\n| `z3-solver` | apex-symbolic | Z3 SMT solver |\n| `kani-prover` | apex-symbolic | Kani bounded model checking |\n| `pyo3-tracer` | apex-concolic | Python concolic tracer |\n| `libafl-backend` | apex-fuzz | LibAFL fuzzer backend |\n| `firecracker` | apex-sandbox | Firecracker microVM isolation |\n\n```bash\ncargo build --release --features \"apex-symbolic/z3-solver,apex-fuzz/libafl-backend\"\n```\n\n\u003c/details\u003e\n\n---\n\n## Configuration\n\n```toml\n# apex.toml\n[coverage]\ntarget = 1.0\nmin_ratchet = 0.8\n\n[fuzz]\ncorpus_max = 10000\nstall_iterations = 50\n\n[agent]\nmax_rounds = 3\n\n[sandbox]\nprocess_timeout_ms = 10000\n```\n\n---\n\n## Contributing\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md) for development setup and guidelines.\n\nBug reports and feature requests: [GitHub Issues](https://github.com/sahajamoth/apex/issues).\n\n## License\n\n[MIT](LICENSE)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsahajamoth%2Fapex","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsahajamoth%2Fapex","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsahajamoth%2Fapex/lists"}