Skip to content

Process

How Pruva turns advisories into runnable proof

Pruva analyzes a GHSA or CVE, builds an isolated target, runs the exploit path, captures evidence, and publishes a permanent reproduction record that can be rerun locally.

How it works

Advisory to runnable proof, autonomously.

01

Analyze the advisory

An AI agent reads the GHSA or CVE, pulls the vulnerable package, and understands the vulnerability's root cause.

02

Reproduce in a sandbox

The agent builds a faithful copy of the affected software and fires the exploit, capturing the crash, the leak, or the shell.

03

Publish verifiable proof

A self-contained script, a session replay, and a permanent REPRO ID. Run pruva-verify to see it fire yourself.

Local verification

Every record points back to a script you can run.

Detail pages expose the reproduction script, the plain-text agent view, artifacts, and Codespaces entry points. The same evidence also appears in the sitemap, CVE index, RSS feed, and agent catalog.

Open the catalog