Scanner & Zero-Day
Two dedicated commands for deep security analysis beyond the Security Guardian's continuous checks. Run on demand from the chat or terminal before sensitive deployments.
/scan — Malware & Vulnerability Scanner
Runs a comprehensive malware and vulnerability scan across all project files. Detects backdoors, obfuscation, supply chain attacks, credential theft patterns, crypto mining code, and more.
/scan # full project scan /scan --report # generate HTML + Markdown report /scan --json # raw JSON output for CI pipelines
Or run it directly from the terminal:
uneven scan uneven scan --report uneven scan --json
| Category | Severity | Examples detected |
|---|---|---|
| Remote shell | critical | /dev/tcp, nc -e, bash -i >& |
| Supply chain attack | critical | curl | bash in postinstall scripts |
| Obfuscation | high | eval(atob()), large String.fromCharCode arrays |
| Data exfiltration | high | Credential harvest + external upload patterns |
| Credential theft | high | SSH key reads, /etc/passwd, ~/.aws/credentials |
| Persistence | high | Crontab writes, systemd units, shell profile modification |
| Crypto mining | high | stratum+tcp://, xmrig, cryptonight references |
| Typosquatting | medium | Package names within Levenshtein distance ≤2 of popular packages |
1 on critical or high findings — making it safe to add to CI/CD pipelines./zeroday — Custom Vulnerability Flows
Analyzes your project source code for complex, logic-level vulnerability patterns that traditional scanners miss — such as authentication bypasses, insecure data flows, and business logic flaws unique to your codebase.
Unlike /scan which looks for known malware signatures, /zeroday reasons about how data flows through your code to find paths an attacker could exploit.
/zeroday # analyze full project /zeroday ./src/auth # focus on a specific directory
Or from the terminal:
uneven zeroday uneven zeroday ./src/auth
When to Use Each
| Command | Best for | Speed |
|---|---|---|
/scan | Pre-commit checks, dependency audits, CI pipelines | Fast |
/zeroday | Pre-release audits, auth systems, payment flows | Slower (deep analysis) |
/pentest | Live endpoint testing on running staging environments | Varies |
/agents — Multi-Agent Mode
Enables parallel AI agents to handle different parts of a task simultaneously. When active, the agent can split complex requests across multiple sub-agents and merge the results — reducing response time on large, multi-file operations.
/agents on # enable multi-agent mode /agents off # disable multi-agent mode /agents # open interactive toggle menu