Open Source · MIT Licensed · Built for real codebases

Code doesn't fix itself.Until now, it had to waitfor a human.

MACS is an open-source multi-agent system we're building to close the loop on bug fixing — read, audit, patch, verify, commit. We're in active development and looking for engineers who want to run it on real codebases.

Apply as Design PartnerView on GitHub
READER
Chunked file ingestion with dependency-aware ordering
AUDITOR
Joern CPG analysis for deep bug detection
CONSENSUS
Multi-agent quorum prevents false positives
FIXER A
First model family generates patches
FIXER B
Second model family generates competing patches
CRITIC
Adversarial agent attacks weak patches
FORMAL GATE
Z3 + CBMC mathematical verification
COMMIT
HMAC-signed state transitions, auto-PR
macs-pipeline
LIVE
[reader]indexed 847 files · 94,302 lines
[auditor]CPG built · 12 issues flagged
[fixer-a]patch generated · null deref · parser.py:142
[critic]adversarial attack: survived
[gate]Z3 constraint: SATISFIED · CBMC: PASS
[commit]patch #12 committed · PR #34 opened
[reader]indexed 1,204 files · 156,847 lines
[auditor]CPG built · 8 issues flagged
[fixer-b]patch generated · race condition · worker.go:89
[critic]adversarial attack: survived
[gate]Z3 constraint: SATISFIED · CBMC: PASS
[commit]patch #13 committed · PR #35 opened
[reader]indexed 847 files · 94,302 lines
[auditor]CPG built · 12 issues flagged
[fixer-a]patch generated · null deref · parser.py:142
[critic]adversarial attack: survived
[gate]Z3 constraint: SATISFIED · CBMC: PASS
[commit]patch #12 committed · PR #34 opened
[reader]indexed 1,204 files · 156,847 lines
[auditor]CPG built · 8 issues flagged
[fixer-b]patch generated · race condition · worker.go:89
[critic]adversarial attack: survived
[gate]Z3 constraint: SATISFIED · CBMC: PASS
[commit]patch #13 committed · PR #35 opened

Targeting 85%+ on SWE-bench Verified. We'll publish the numbers when we run it at full scale.

$1.52

Trillion

The estimated annual cost of poor software quality

Consortium for IT Software Quality, 2022

The bottleneck isn't finding bugs.

Static analysis tools produce reports daily. The bottleneck is fixing them — which still requires a human developer to read a report, understand the context, write a patch, test it, and commit it.

For a team of 10 engineers maintaining 500k lines of code, that report never gets fully cleared.

MACS closes that loop autonomously.

The Pipeline

Seven stages. Any language. No config file.

Point MACS at a repo URL or drop in a zip. It handles the rest.

01

READ

Chunked file ingestion with dependency-aware ordering. Understands monorepos, mixed languages, and generated code.

02

AUDIT

Joern Code Property Graph — call/data/type-flow analysis. Finds bugs a linter cannot see: race conditions, taint paths, integer overflows, logic errors across module boundaries.

03

CONSENSUS

Multiple auditor agents must agree before a bug enters the fix queue. Built-in quorum prevents false positives.

04

FIX (Best-of-N Ensemble)

Two competing model families generate patches independently. We don't pick one model's answer. We make them compete.

05

ATTACK

An adversarial critic agent actively tries to break every candidate patch. Weak fixes don't survive this stage.

06

VERIFY (Formal Gate)

Structural diff sanity · safety pattern scan · CBMC bounded model checking · Z3 SMT constraints. Math, not vibes.

07

COMMIT

Verified patches are committed. Auto-PR opened. Every state transition is HMAC-SHA256 signed. Full cryptographic audit trail.

patch-preview.diff
VERIFIED
  def process_data(self, items):
-     for item in items:
-         result = self.transform(item)
+     for item in items or []:
+         if item is not None:
+             result = self.transform(item)
      return results
Ensemble Architecture

Why two models competing beats one model trying

Bug Detected
Fixer AQwen
vs
Fixer BDeepSeek
Adversarial CriticAttacks weak patches
Formal GateZ3 SMT + CBMC
Best Patch Wins

A single LLM asked to fix a bug will fix it approximately 40–55% of the time on SWE-bench benchmarks (published literature).

MACS uses adversarial synthesis to push that ceiling higher.

We're actively measuring this at scale and will publish our numbers openly.

This transparency is a feature, not a weakness. We believe in building trust through openness.

Complete Platform

The Rhodawk AI Product Suite

A unified autonomous DevSecOps platform. MACS fixes individual bugs with surgical precision. Rhodawk DevOps Engine is the complete intelligence layer orchestrating security research, vulnerability discovery, and autonomous remediation across entire codebases.

MACS

Multi-Agent Code Stabilizer

Autonomous bug-fixing system that reads code, audits for vulnerabilities, generates patches, and passes them through formal verification gates. Operates as the tactical execution layer.

7-stage pipeline: Read → Audit → Consensus → Fix → Attack → Verify → Commit
Ensemble model voting with formal verification (Z3, CBMC)
Cryptographic audit trail on every state transition
Fix memory accumulates verified patches for learning
View Technical Details

Rhodawk DevOps Engine

Autonomous DevSecOps Control Plane v4.0

Full-stack autonomous vulnerability research and remediation system. Orchestrates reconnaissance, static/dynamic analysis, red-team attacks, and multi-model consensus for enterprise-grade security governance.

6-phase research pipeline: Recon → Static → Dynamic → Exploit → Consensus → Human Gate
25 integrated MCP servers: Z3 verifier, Hypothesis fuzzer, Semgrep, Bandit, angr symbolic execution
5 proprietary algorithms: VES, TVG, ACTS, CAD, SSEC for semantic vulnerability matching
7 language support with auto-detection: Python, JS, TS, Java, Go, Rust, Ruby
Launch Control Plane

How They Work Together

RHODAWK DEVOPS ENGINE

Full intelligence layer

Reconnaissance
Static Analysis (Semgrep, Bandit)
Dynamic Testing (Hypothesis, atheris)
Red-team Attacks (CEGIS fuzzer)

Routes Failed Tests & Crash Payloads To

MACS EXECUTOR

Tactical fix generation

Patch Generation (Ensemble models)
Formal Verification (Z3, CBMC)
Adversarial Testing
PR Opening & Learning

DATA FLYWHEEL

Every fix — successful or failed — is captured as a training sample. After 50+ verified fixes accumulate, the LoRA scheduler exports proprietary fine-tuning data. Over time, the system becomes specifically optimized for your codebase's patterns and vulnerabilities.

7

Supported Languages

25+

Integrated MCP Servers

5

Proprietary Algorithms

100%

Human-Gated Submissions

Architecture

Built for production

Every component designed for real-world deployment

Code Property Graph

Joern-backed causal analysis. Sees bugs that grep and lint cannot.

Formal Verification

Z3 SMT + CBMC on every patch. Not just "looks right" — mathematically gated.

Fix Memory

Committed fixes become few-shot context for future similar bugs. Improves per codebase over time.

Federated Patterns

Share abstract structural patterns between deployments. All identifiers stripped before export.

Sandboxed Execution

LLM-generated code runs in isolated Docker containers. Your filesystem is never touched by untrusted code.

Cryptographic Audit Trail

HMAC-SHA256 signed state transitions. Every decision logged and tamper-evident.

Mutation-Verified Tests

Auto-generated tests confirmed to kill real mutants, not just pass trivially.

Zero Config

Repo URL or zip file. No YAML. No annotations. No setup scripts.

Fully Open Source

MIT Licensed. Everything ships in the open.

We're not building a black box. Every agent, every pipeline stage, every verification layer is public. Fork it, audit it, deploy it yourself. If you find something wrong, open an issue.

View on GitHubRead the Architecture
quickstart.sh
# Clone and run MACS
git clone https://github.com/Rhodawk-AI/macs.git
cd macs
docker compose up -d
Design Partner Program

Shape MACS from Day One

We're inviting a small group of engineers and engineering teams to run MACS on their actual codebases during our Design Partner program. You get direct input into what we build next. We get real-world signal on what matters. It's a working relationship, not a survey.

Direct Line to Founders

You're not a ticket number.

Priority Setup

We help you deploy MACS on your stack personally.

Shape the Roadmap

Your use case influences what gets built next.

Apply for the Design Partner Program

We review every application. Expect a response within 48 hours.

Tech Stack

Built on production-grade infrastructure

No academic demos. Every component chosen for real-world deployment.

AI & Analysis

Anthropic
OpenAI
LangGraph
Joern
Z3
CBMC
Semgrep

Infrastructure

FastAPI
PostgreSQL
Qdrant
Docker
Redis
Celery
Prometheus

These are the tools MACS is built on.

Supported By

Early Supporter Program

Accelerating autonomous bug-fixing with infrastructure support

DigitalOcean

Hatch Program

Early supporter via Hatch startup program

Supporting the future of autonomous code stabilization and DevSecOps

Roadmap

Where we're going

NOW

Design Partner Program

  • Real codebase runs
  • Pipeline live
  • Collecting signal

NEXT

SWE-bench Verified

  • Full-scale evaluation
  • Publish numbers openly

LATER

Managed Federation Hub

  • Cross-deployment pattern sharing

FUTURE

VS Code / Zed Plugin

  • IDE integration
  • Inline suggestions

We update this page as things ship. No vaporware.

Find us