Vercel Open-Source AI Security Framework DeepSec: Fully Local Operation to Prevent Data Leakage, Supports Thousands of Sandbox Concurrency

CryptoWorld News reports that Vercel has announced the open-sourcing of deepsec, an open-source security testing framework driven by AI agents. It is designed to address security risks in cloud-based AI code scanning. The tool allows developers to directly invoke existing Claude or Codex keys to investigate vulnerabilities in large codebases within their local infrastructure, without granting source code privileges to external cloud services. deepsec’s underlying calls use Opus 4.7 and GPT 5.5, and it has designed a multi-round cross-validation workflow: after initial regex screening, the agent intervenes to trace data flows and generate reports; then another set of agents will conduct secondary validation to eliminate false positives, keeping the final false alarm rate between 10% and 20%. The system combines Git metadata to identify the contributors responsible for the vulnerabilities and automatically exports repair tickets. For large repositories that would otherwise take days to scan on a single machine, deepsec supports distributing scan tasks to Vercel sandboxes, with a typical concurrency of up to thousands of sandboxes.