External Scanners

We don't rely on one source. Multiple scanners check every token.

Providers

How It Works

1. All scanners run in parallel via Seraphim HTTP client

2. Results are aggregated into a combined risk score

3. If any scanner flags a critical issue → signal rejected

4. Timeout on one scanner doesn't block others (30 sec limit each)

Why Multiple Scanners

• No single scanner catches everything

• Different scanners specialize in different exploits

• Cross-validation reduces false negatives

• Redundancy if one API is down