The Framework · The Loop

The mind and the hands, closed into one loop.

The CLAWMYTHOS Framework is the fused thing: Claude Mythos reasoning as the mind, the OpenClaw agent ecosystem as the hands. Together they form a closed autonomous loop — discover, reproduce, validate, patch, disclose — that finds a bug, proves it on a live build, fixes it, and ships the pull request without a human in the inner loop.

5
Stages in the closed loop
2
Pillars fused — mind × hands
8
Phases in the hunt pipeline
~$0.30–$1.50
Per autonomous scan run
// What is the CLAWMYTHOS Framework

One agent that thinks like a researcher and acts like an engineer.

A scanner finds a flaw and stops. The CLAWMYTHOS Framework keeps going. It fuses three pillars into a single autonomous debugging and vulnerability-discovery system: Mythos, the frontier reasoning that out-finds elite human researchers; OpenClaw, the open any-OS agent framework that connects to real repositories, builds, CI and disclosure channels; and the Framework itself — the control loop that wires the two together so a finding flows end to end without losing fidelity.

The result is not a report. It is a verified bug, a reproduction on a live build, a minimal patch, and a coordinated disclosure — produced by one agent on a single run. The mind decides what is wrong and why; the hands prove it, fix it, and ship it.

// Architecture · MIND × HANDS

Two layers, one nervous system.

Picture two columns joined by a bridge. On the left, the mind reasons over code it has never seen and decides where the danger lives. On the right, the hands touch the real world — cloning, compiling, running, patching, filing. The bridge is the Framework: a scoped tool surface and a shared state object that let reasoning drive execution and let execution feed ground truth back into reasoning.

// THE MIND — CLAUDE MYTHOS

Frontier reasoning

  • Sink-guided slicing over catalogs: deserialization, SQL injection, code-eval, path traversal, auth.
  • File ranking by sink density to spend reasoning where exploitability concentrates.
  • Agentic hunters — K=3 diverse hunters per file for pass@k coverage.
  • Adversarial self-challenge and skeptical validation to kill false positives.
  • Runs on Claude Opus 4.7; 25–50× cheaper than commercial scanners.
// THE HANDS — OPENCLAW

Execution layer

  • 13,729 skills on ClawHub — github, coding-agent, clawsec-suite, skill-vetter, mcporter.
  • Runs on macOS, Windows, Linux, iOS, Android — any OS the target lives on.
  • Scoped sandbox: Bash plus file tools so hunters compile, run and test live builds.
  • Connects to repos, CI, build systems and disclosure channels.
  • Turns a finding into a scan, reproduction, patch (PR) and disclosure.

The shared state is a JSON object carrying language detection, ranked files, candidate sinks, proof artifacts, severity, and a cross-session false-positive memory. Each side reads and writes it; nothing is lost in translation between thinking and doing.

// The closed loop

Discover → reproduce → validate → patch → disclose.

Five stages, one continuous loop. Every stage is driven by Mythos reasoning and carried out by OpenClaw skills, and the output of disclosure feeds the next discovery — the false-positive memory and severity ledger make every subsequent run sharper.

01
Discover
Mythos detects the language, slices toward dangerous sinks, ranks files by sink density and runs parallel hunters to surface candidate flaws.
02
Reproduce
OpenClaw spins a scoped sandbox; live-exploration hunters compile, run and test the real build to turn a hypothesis into an observed crash or exploit.
03
Validate
Adversarial self-challenge plus skeptical validation, checked against cross-session false-positive memory, confirms the finding is real and exploitable.
04
Patch
The coding-agent skill drafts a minimal fix, rebuilds, re-runs the reproduction to confirm the sink is closed without regressions, and opens a pull request.
05
Disclose
Findings aggregate into a severity-scored JSON report, hashed SHA-3-256 (hash now, reveal later), and route to maintainers under coordinated disclosure.
↺   writeback — disclosure feeds the false-positive memory and severity ledger, so the next discovery pass starts smarter. The loop closes.
Discover — the mind opens the surfacePhase 0 language detection, phase 1 sink-guided slicing across deserialization / SQL injection / code-eval / path / auth catalogs, phase 2 file ranking by sink density, phase 3 agentic hunt with K=3 parallel hunters per file for pass@k diversity.
Reproduce — the hands touch the buildPhase 2.5 builds the scoped sandbox (Bash + file tools); live-exploration hunters compile, run and test against LIVE builds so a candidate becomes a concrete, observed reproduction rather than a guess.
Validate — the mind doubts itselfPhase 3.5 adversarial self-challenge and phase 4 skeptical validation, cross-checked against a cross-session false-positive memory, so only findings that survive scrutiny pass through.
Patch — the hands close the sinkThe execution layer drafts a minimal change, rebuilds, and replays the reproduction to prove the sink is closed and nothing regressed, then opens a pull request on the target repository.
Disclose — and feed the next passPhase 6 aggregates a severity-scored JSON report; SHA-3-256 hash-now / reveal-later commits the finding; phase 7 writes the false-positive memory back. Coordinated disclosure routes the report to maintainers under an Apache-2.0 lawful-use posture.
// End to end

How reasoning and skills hand off, stage by stage.

Each loop stage is a contract: the mind produces an intent, the hands execute it, and the result is written back as ground truth. Nothing is hand-waved — every claim Mythos makes is something OpenClaw can run.

StageMythos — the mind decidesOpenClaw — the hands execute
DiscoverDetect language; slice toward sinks; rank files; dispatch K=3 hunters per file.Clone the target with the github skill; expose the file tree to hunters across any OS.
ReproduceDecide the exact input, build target and test that would trigger the sink.Stand up the scoped sandbox (Bash + file tools); compile and run the LIVE build; capture the crash or exploit.
ValidateRun adversarial self-challenge and skeptical validation; consult false-positive memory.Re-execute the reproduction deterministically; surface logs and artifacts for the verdict.
PatchReason out the minimal, regression-safe fix and its acceptance test.coding-agent edits, rebuilds, re-runs the reproduction, and opens the pull request.
DiscloseScore severity; aggregate the JSON; decide reveal timing.Hash SHA-3-256, write FP-memory back, and route to maintainers via coordinated-disclosure channels.

Lawful use is built in: Apache-2.0 licensing, coordinated disclosure, and a hash-now / reveal-later commitment that timestamps a finding without leaking it. The Framework is deliberately language-agnostic — C/C++, Python, PHP, JavaScript/TypeScript, firmware, kernel and web are all in scope because phase 0 detects the language before the hunt begins.

// Beyond security

A general autonomous debugger.

Vulnerability discovery is the proving ground, not the ceiling. Strip away the security framing and the loop is a universal debugging engine: find the bug, prove it on a live build, fix it, ship the PR. The same machinery that traces tainted input to an exploitable sink can trace a failing test to a logic error, a regression to the commit that introduced it, or a flaky build to its race.

// FIND

Locate the fault

Sink-guided slicing generalizes to any failure signature — narrow a large codebase to the few files where a defect can actually live, then hunt them in parallel.

// PROVE

Reproduce on a live build

A hypothesis means nothing until it runs. The scoped sandbox compiles and executes the real target so the bug is observed, not asserted.

// SHIP

Patch and open the PR

The fix is minimal, the reproduction is replayed to confirm it, and the pull request lands on the repo — the loop ends in shipped code, not a ticket.

Find the bug. Prove it on a live build. Fix it. Ship the PR.

The CLAWMYTHOS loop, in one line
// Fusion metrics

What the mind-plus-hands loop produces.

The reasoning at the core of this loop is the same class that, in Anthropic's Project Glasswing, let partners surface hundreds of high- and critical-severity bugs with a 10×+ bug-finding rate over humans. Cloudflare alone reported 2,000 bugs (400 high/critical), and Mythos-class reasoning has been credited with on the order of ~10,000 high-severity flaws.

// REACH

Run anywhere, on anything

Any-OS execution (macOS, Windows, Linux, iOS, Android) over a 13,729-skill registry, hunting C/C++, Python, PHP, JS/TS, firmware, kernel and web.

// ECONOMICS

~$0.30–$1.50 per run

Open replication on Claude Opus 4.7 runs 25–50× cheaper than $20–$50 commercial scanners — cheap enough to put a self-scan in every CI pipeline.

AWSAppleCisco CrowdStrikeGoogleJPMorganChase Linux FoundationMicrosoftNVIDIA Palo Alto Networks
// Run the loop

Point it at a repository and watch the loop close.

The dashboard is the front door to the Framework: connect a target, pick a scope, and the mind-plus-hands loop runs discover → reproduce → validate → patch → disclose on its own — returning a verified finding, a live reproduction, a patch, and a pull request.