Riccardo.Bozzato
AI • CLI • Security

VulnClaw

Product Delivery: AI-Powered CLI from Zero to Open Source Community

Built an open-source AI penetration testing CLI from scratch. Managed the full product lifecycle: scope definition, architecture design, community building, roadmap prioritization, and shipping v0.4.0 with active users across 3 continents. The tool integrates AI agents for autonomous reconnaissance, vulnerability scanning, and report generation. Key lesson: starting narrow beats building broad every time. 1,200+ GitHub stars, 40+ forks, 15+ community contributors.

Features

Capabilities

Product scoping: evolved from a simple port scanner to a multi-agent AI penetration testing framework in 6 months (v0.1 → v0.4)
AI agent architecture: 3 specialized agents — Recon, Exploit, Report — that collaborate autonomously using LLM reasoning
Community management: triaged 80+ PRs and 200+ issues, maintaining a 48h first-response SLA for critical security reports
Roadmap prioritization: said 'no' to 60% of feature requests to ship the essential 40% — ruthless scope control
Open source as delivery strategy: MIT license, GitHub Discussions for roadmap voting, automated CI/CD with GitHub Actions

Tech Stack

Python
Typer
Rich
Prompt Toolkit
AI

Screenshots

Terminal-first experience

CLI help & commands

CLI help & commands

Live reconnaissance scan

Live reconnaissance scan

Findings & results

Findings & results

Get VulnClaw

VulnClaw is proprietary. Contact me for licensing inquiries or check out the project on GitHub.