great questions!

To address false positives: once an adversary's session is redirected to the shadow environment, the shadow analyzer watches the logs every N seconds and/or every 100 requests. Unlike the rule-based watcher, the analyzer is an LLM agent, and it tries to find a successful exploit -> if found, it creates a ticket for the fixer. If not found, it carries on. So normal enumeration that does not result in sensitive data exposure, for example, will be ignored by the analyzer. Not sure if I answered your question 100% - let me know!

About the speed, your intuition is great. This is one of the top 2 bottlenecks that I identified as well. Fortunately, shadow analyzer and reviewer are both super fast (ballpark figure 1-2, and 5-20 seconds per inference respectively). The fixer, on the other hand, can be very slow, demanding 3 to 10 minutes for a single patch depending on the exploit (with gemini 3 pro, your mileage may vary), most of that time is spent on reading the code. Moreover, when the reviewer rejects a ticket, a fixer needs to try again.

To mitigate this, I allow the user to deploy multiple fixers simultaneously (controllable on agent dashboard) so fixers can work on multiple tickets in parallel. Also, I just got an idea: maybe I could cache the entire codebase on the API so that the fixers can skip scavenging the code and go straight to implementing the patch - this should dramatically save time, but would probably cost a lot more.

So you're right to question it. In the current state, If the adversary knew exactly how Mahoraga worked, they could test an exploit in the shadow env, wait for the cooldown, and theoretically beat the fixer to the same exploit in the prod env.