Yeah, I wonder why it did

On Mon, Jun 15, 2026, 05:43 Thomas Stromberg <[email protected]> wrote:

> [resending as my e-mail yesterday went to the moderation queue]
>
> I've been building out an open-source platform for supply-chain detection
> over the last 6 months, based on my previous work at Chainguard. While it's
> still a work in progress, the recent attacks have tipped my hand, so here
> it goes: https://atomdrift.org/ (Apache 2.0)
>
> TL;DR - We're building an automated local reverse-engineering and
> detection platform, powered by tiny local deterministic AI models,
> retrained constantly based on recent attacks and threat feeds. Because it
> uses other great open-source projects under the hood (tree-sitter, rizin,
> etc) rather than just pattern matching, it's immune to most obfuscation
> attacks.
>
> Atomdrift's detection is runnable via a simple rust CLI tool (
> https://codeberg.org/atomdrift/scan). No special hardware required. If
> you have a local LLM, we support an optimized path for getting a second
> opinion from it via --interpret that provides a summary and steers
> confidence levels.
>
> While our training pipeline has been pulling from open-source marketplaces
> for months, yesterday we just started scanning AUR updates rather than new
> additions, and here's an example of what it looks like:
> https://lab.atomdrift.org/file/720b4275223cf0e27e60fdae069eba53b1869d44e46b8c9f09975405e75763f9
>
> Here's a link to the Arch pipeline results:
> https://lab.atomdrift.org/arch/
>
> I built this to help open-source, and would love to figure out how I can
> help ArchLinux with their supply chain issues - whether it's just
> discussing ideas, making a sustainable alert pipeline to what is up and
> running already, running the pipeline on your infra, or collaborating on
> development.
>
> As atomdrift both emits scores and lets you tune for a specific
> acceptable false-positive level, one idea for AUR could be automated review
> or publishing delay based on confidence levels.
>
> The compute-side runs on Arch, btw.
> Thomas
>

Reply via email to