Verify the offer before anyone runs the repo.

Fake recruiters target your developers with coding-test repositories that quietly steal SSH keys, wallets, and tokens the moment they run. RTIdx screens the offer — and the repo it arrived with — on our infrastructure, then returns a clear, evidence-backed verdict. Nothing ever runs on your machines.

The attack is a job offer.

Security researchers call it contagious interview. An unsolicited DM, a dream role, an “AI + Web3” repo you’re asked to run before the call — and a postinstall hook that exfiltrates SSH keys, wallets, and cookies before anyone suspects a thing.

One developer runs it once and the damage is done. At team scale — every offer your people field, every take-home repo — checking by eye doesn’t hold up.

Watch a scan run, stage by stage.

github.com/aurora-labs/onchain-quant-testLinkedIn DM · “Senior Solidity engineer”
Scanning
Stage 01 · Intake

Start with what you were sent.

Paste the recruiter thread or drop a repository URL. Nothing runs on your machine — we take it from there.

  • Recruiter thread
  • Repository URL
  • Zero local execution
queue · 1 thread + 1 repo
queuesubmission accepted · LinkedIn DM + 1 repo URL
routethread → extractor · repo → clone queue
safenothing executes on your machine

What we do — and what we can do for your team.

One engine, several ways in — from a single suspicious repo to every offer your team screens.

One verdict, four layers

Recruiter context, static patterns, live sandbox detonation, and attack-chain correlation converge on a single risk band — every claim cited to a file, a line, or a trace event.

Built for teams

Private cases kept off the public ledger, higher quotas, and priority human review for the moments automation needs a second look.

In your workflow

Coming soon

CLI, API, and MCP hooks drop verdicts straight into your CI, ATS, or agent tooling — the same engine, wherever your team already works.

Why teams trust the verdict.

Independent research, public evidence, and a hard line on where code is allowed to run.

Research-backed

Our rule set and false-positive baselines come out of joint work with Stony Brook University’s Ethos Security & Privacy Lab. RTIdx is a defdone venture, built and run in-house.

Meet the research →

Public, cited verdicts

Every verdict is public and points back to the evidence — no black box. Browse real assessments before you send us anything.

Browse the public ledger →

Never on your machine

Repos are inspected and detonated on our infrastructure — never on your developers’ devices or in your CI.

Let’s tailor it to how your team screens.

Tell us how many offers your people field and how you hire — we’ll map RTIdx to your workflow and set up a pilot on your own cases.