Vercel Open Sources AI Security Framework deepsec: Fully On-Device Prevent Data Leaks, Supports Scale to Thousands of Sandbox Concurrently

According to Dynamic Beating monitoring, to address security vulnerabilities in cloud-based AI code scanning, Vercel has announced the open-sourcing of the AI Agent-driven security testing framework deepsec. This tool allows developers to directly invoke existing Claude or Codex key checks on large codebases in their local infrastructure, without granting source code privileges to external cloud services.

deepsec leverages Opus 4.7 and GPT 5.5 at its core and is designed with a multi-round cross-validation workflow: after an initial screening, the Agent intervenes to trace data flow and generate a report; then another group of Agents performs secondary validation to eliminate false positives, keeping the final false positive rate between 10% to 20%; finally, the system combines Git metadata to identify the contributor responsible for the vulnerability and automatically generates a fix ticket.

Facing the challenge of processing large repositories that would take days on a single machine, deepsec supports distributing scanning tasks to Vercel Sandboxes. Vercel has revealed that during testing on its in-house codebase, the regular concurrency could reach up to thousands of sandboxes. For complex proprietary business lines, the system also offers a plugin mechanism that allows the Agent to write regex matchers directly for project-specific authentication logic or data layers.