Synod Update: Adding a Deterministic Safety Net (and Proving It Helps)
DEV Community

Synod Update: Adding a Deterministic Safety Net (and Proving It Helps)

What Changed

Quick update on Synod, the multi-agent code reviewer I've been building for the Qwen Cloud hackathon. I added a Semgrep pre-filter in front of the security agent.

Before, every finding came purely from the LLM reading the code and reasoning about it - which works, but LLMs are stochastic. Same file, different run, sometimes a different result.

Now Semgrep scans first with deterministic rules, and the security agent validates and enriches those candidates instead of starting from zero every time.

Did It Actually Help?

I was skeptical of my own change, so I benchmarked it properly instead of assuming. Ran a single-agent baseline against the full council, with and without the pre-filter, same vulnerable file, checked against known ground truth:

Method Precision Recall F1
Single agent 75% 75%, but ranged 0โ€“75% across runs 75%
Council, LLM-only 75% same variance issue 75%
Council + Semgrep 100% 100%, every run 100%

The interesting part wasn't the top-line numbers - it was that the single-agent and LLM-only council both had real run-to-run variance. Sometimes it caught everything, sometimes it missed half. That's not a reviewer you can trust in CI.

Adding the deterministic scanner as a floor fixed that. It's not smarter, it's just consistent - and consistency turned out to matter more than I expected.

Also Shipped

  • A GitHub webhook - open a PR, Synod reviews the diff and comments directly, findings grouped by severity.
  • A small CLI, closer to how tools like Claude Code feel in the terminal, for reviewing files or whole directories without touching the API directly.

Repo's still open source: github.com/02NIN20/Synod

Built for the Global AI Hackathon Series with Qwen Cloud - Track 3: Agent Society.

Comments

No comments yet. Start the discussion.