How does it integrate with Claude Code?

It integrates via the Model Context Protocol (MCP), allowing Claude to configure scans, trigger tools, and prioritize findings based on AI-guided logic.

What is the main benefit of using CQ-AI?

The primary benefit is determinism; it ensures that the same codebase and seed always produce the exact same security findings, eliminating 'flaky' scan results.

What is the 'SPI guarantee' mentioned in the skill?

The SPI guarantee stands for 'Same seed + same codebase → same findings,' which is the core principle of its deterministic analysis engine.

How does CQ-AI classify security risks?

It uses GF(3) balanced ternary polarity to map findings to three tiers: +1 (Critical), 0 (Medium), and -1 (Info).

Can CQ-AI handle large codebases efficiently?

Yes, it features a parallel scanning architecture with a work-stealing scheduler and out-of-order proofs to maintain consistency while scaling.

CQ-AI Deterministic Security Scanner

Name: CQ-AI Deterministic Security Scanner
Author: plurigrid

byplurigrid

•

安全与测试

Conducts deterministic, AI-enhanced security scans with ternary classification to ensure reproducible vulnerability detection across any environment.

关于

CQ-AI is a specialized security analysis skill that extends the Code Query (CQ) framework with deterministic analysis powered by SplitMix64 seeding. By utilizing balanced ternary polarity (GF(3)) to classify risks into Critical, Medium, or Info tiers, it provides a mathematically rigorous foundation for severity assessment. This skill is ideal for DevSecOps teams requiring consistent results across distributed environments, ensuring that the same codebase and seed always yield identical security findings through its unique SPI guarantee (Same seed + same codebase → same findings).

主要功能

Ternary Polarity Classification (GF(3)) for severity mapping
2 GitHub stars
Out-of-order proofs for result consistency across threads
Deterministic security scanning via SplitMix64 seeding
MCP integration for AI-guided configuration and prioritization
Parallel scan distribution with work-stealing scheduling

使用场景

Deterministic vulnerability discovery in large-scale microservice architectures
AI-prioritized security finding analysis using mathematical ternary logic
Reproducible CI/CD security audits across distributed development teams

关于

主要功能

Ternary Polarity Classification (GF(3)) for severity mapping
2 GitHub stars
Out-of-order proofs for result consistency across threads
Deterministic security scanning via SplitMix64 seeding
MCP integration for AI-guided configuration and prioritization
Parallel scan distribution with work-stealing scheduling

使用场景

Deterministic vulnerability discovery in large-scale microservice architectures
AI-prioritized security finding analysis using mathematical ternary logic
Reproducible CI/CD security audits across distributed development teams