replying to: I told my investor 61% of my code was AI-assisted. The real number was 94%
The moat question is the part of your comment i find most interesting and i dont think you're wrong about it. One correction on framing first. the 61% in the title isnt what i told the investor, its the average the tool returned on my repo. what i actually told him was "60-70 percent" which was a guess, i genuinely didnt know. the title compressed that into a cleaner 61/94 … 
Subho Halder Subho Halder.
Co-founder and former CEO of Appknox (12 years). Now heads-down on something new in AI x Security.
About
Mobile and application security since 2012. Started on the offensive side: kernel work, runtime evasion, RASP bypasses. Wrote AFE, Devknox, and KnoxSpy. Credited in CVE-2013-0926, a WebKit sandbox escape on iOS and Android. Hall of Fame credits at Google, Apple, Facebook, and Microsoft. BlackHat since 2012: speaker, trainer, Arsenal. Other talks at DEFCON, BSidesSF, OWASP AppSec, RSA, SyScan, Nullcon, and others. Recent on arXiv: SecLens, a multi-stakeholder framework for evaluating LLMs at security vulnerability detection.
Was CTO at the start, then CEO from late 2024. Doubled the business during the CEO stint. Started on the next problem in early 2026: making AI usable inside security teams without making security worse.
Experience
2026 — NOW
Founder
Stealth — AI x Security
CURRENT
Selected work
SecLens
Multi-stakeholder evaluation framework for LLM-based security vulnerability detection. Five role-specific weight profiles, 35 dimensions, 12 frontier models tested.
Python · LLM eval
pyaxmlparser
Pure-Python parser for Android XML files. Extracts package metadata without pulling in androguard.
Python · Android
androguard
Reverse engineering and pentesting framework for Android applications. Core contributor since 2015.
Python · Android
Writing
APR 23, 2026
AI Authorship Question
An 800-line open-source scanner for how much of your code an AI wrote, and how much of it you shipped without reading.
Talks & media
2026
Why Traditional App Security Fails in the Age of AI
Eye on AI Podcast
2025
Breaking the Tunnel: Real-Time API Interception in MDM-Locked Mobile Apps with KnoxSpy
BlackHat EU Arsenal
Right now
replying to: I told my investor 61% of my code was AI-assisted. The real number was 94%
yeah this is the reframe i keep hitting on. Libs, boilerplate, SO copy pastes, scaffolds. We were already conducting more than composing long before agents showed up. Whats different now is granularity, agents work at statement level not library level so the "where did I actually decide something" signal is smeared across diff hunks instead of concentrated in architectural … replying to: I told my investor 61% of my code was AI-assisted. The real number was 94%
Honest answer: most of what I know about my codebase I still know from actually working in it. The tool gives me aggregates I wouldn't otherwise see. Two things to separate. The "66% AI authorship" number is pulled from git trailers. Claude Code, Copilot, Cursor, Codex, Gemini, Devin, Windsurf all auto-add Co-Authored-By: lines on commits. The tool reads those directly. No …