Respect to you and David for trying to help, but eventually you're going to experience Brandolini's law here.
OP is frantically pasting your findings into an LLM and letting it excrete another blob of untested, unverified shit. "It WILL be secure this time!", the LLM says, hopelessly.
OP does not care about whether the tool is built on solid appsec foundations. OP cares about the 0.00001% chance of getting interest in his tool from $VC_FIRM.
You've indicated that this tool already has a bright glowing all caps DO NOT USE verdict and no reassurance from a coding-agent-in-a-loop will make it better.
OP is frantically pasting your findings into an LLM and letting it excrete another blob of untested, unverified shit. "It WILL be secure this time!", the LLM says, hopelessly.
OP does not care about whether the tool is built on solid appsec foundations. OP cares about the 0.00001% chance of getting interest in his tool from $VC_FIRM.
You've indicated that this tool already has a bright glowing all caps DO NOT USE verdict and no reassurance from a coding-agent-in-a-loop will make it better.