區塊先生 🐡 ⚠️ (rock #58)|Feb 21, 2026 05:21
The AI audit revolution has arrived! Low level jobs are really going to be completely overturned
@AnthropicAI has just announced that "Claude Code Security" is a security tool built directly into Claude Code!
Core competencies:
-Unlike traditional scanners that only look for known patterns, it will "read" the entire codebase like a human security researcher: understanding how components interact, how data flows, and where there are hidden weaknesses in logic.
-Specifically targeting complex vulnerabilities that rule-based tools often miss, including logic errors, data flow issues, and even some production bugs that have been hidden for several years.
-After identifying the issue, the severity rating will be automatically evaluated, and targeted patches will be directly recommended for human review and application.
-Anthropic emphasizes that this is to 'put cutting-edge security capabilities into the hands of defenders', as attackers will also use AI to find 0-days faster, and defenders need to speed up to keep up!
As soon as the results were announced, the capital security stocks were directly wiped out!
-CrowdStrike (CRWD) fell nearly 8%
-Okta (OKTA) diarrhea exceeds 9%
-JFrog is even worse off, with a heavy drop of nearly 25%
-Cloudflare (NET), Zscaler, GitLab, and others also experienced a significant drop of 5-9%
The overall market value of the cybersecurity sector has evaporated by billions of dollars! Investors are extremely panicked: low-level vulnerability scanning+basic patching suggestions. Originally, these companies provided high margin services, but now AI can handle it with just one click. Who still needs to buy expensive SaaS tools? Although analysts say that the tool is still in preview and will not completely replace experts in the short term, the market is just selling first - panic emotions directly hit the stock price.
@OpenAI and @ paradigm just launched "EVMbench" on 2/18, which is the "ultimate benchmark" for testing AI agents in smart contract security!
The Ethereum Virtual Machine (EVM) now manages over $100 billion in assets, and any vulnerabilities in smart contracts result in a loss of money. EVMbench directly selected 120 high severity vulnerabilities from 40 real audit reports (mostly from open source audit competitions+Tempo blockchain payment scenarios) to test three AI models:
1. * * Detect * *: Detecting vulnerabilities - see if AI can scan the repo and identify high-risk issues (recall rate) discovered by professional auditors.
2. Patch: Automatic patching - not only finding, but also generating usable repair code to make the contract secure.
3. * * Exploit * *: Actual Attack - Execute an exploit in a simulated environment to test AI's "black hat" ability (the darkest but most realistic defense test).
The result? OpenAI's latest model GPT-5.3-COdex achieved a success rate of 72.2% in exploit mode! Compared to half a year ago, GPT-5 has more than doubled (31.9% → 72.2%). Although detection and patching are not yet perfect (many complex vulnerabilities are still difficult for AI to detect or fix), this has proven that AI agents are rapidly evolving to handle end-to-end smart contract auditing, from finding holes to fixing them, and even demonstrating how to hack.
For the blockchain auditing industry, this is the death knell for low-level EVM auditing!
Just like signing a basic cooperation contract now, no one will spend money to hire a lawyer to review each item. In the future, DeFi projects may be directly handed over to AI for automatic review: cost reduction, speed increase, and deployment speed.
But conversely, if AI is used for attacks, DeFi security will also be more fragile ⚠️ OpenAI emphasizes that this benchmark is aimed at "encouraging defensive use of AI" and strengthening contract security, rather than encouraging hackers.
Summary: Claude Code Security puts low-level software security work at risk, while EVMbench directly targets the repetitive low-end business of traditional smart contract auditing companies.
Millions of highly repetitive and relatively low tech audit positions may be replaced on a large scale by AI within 1-3 years. Accountants, security engineers, and blockchain auditors who don't upgrade their skills and learn how to be teammates with AI (prompt engineering, verifying AI output, supervising agent behavior) will really be left behind by the times!
Share To
Timeline
HotFlash
APP
X
Telegram
CopyLink