Coverage for src/alprina_cli/api/routes/agents.py: 62%

16 statements  

« prev     ^ index     » next       coverage.py v7.11.3, created at 2025-11-14 11:27 +0100

1""" 

2Agent endpoints - /v1/agents/* 

3""" 

4 

5from fastapi import APIRouter, HTTPException 

6from typing import List 

7 

8from ..schemas.agent import AgentInfo, AgentListResponse 

9from ...security_engine import AGENTS_AVAILABLE 

10 

11router = APIRouter() 

12 

13# Complete agent catalog - ALL 18 AGENTS 

14AGENT_CATALOG = [ 

15 # === CORE SECURITY AGENTS (5) === 

16 { 

17 "name": "codeagent", 

18 "display_name": "CodeAgent", 

19 "description": "Static Application Security Testing (SAST) - analyzes source code for vulnerabilities", 

20 "capabilities": ["code-audit", "secret-detection", "vulnerability-detection", "dependency-scanning"], 

21 "supported_languages": ["python", "javascript", "typescript", "go", "rust", "java", "c", "cpp"], 

22 "category": "core", 

23 "icon": "🔍" 

24 }, 

25 { 

26 "name": "web_scanner", 

27 "display_name": "Web Scanner Agent", 

28 "description": "Web application and API security testing", 

29 "capabilities": ["web-recon", "api-security", "header-analysis", "ssl-testing"], 

30 "supported_languages": None, 

31 "category": "core", 

32 "icon": "🌐" 

33 }, 

34 { 

35 "name": "bug_bounty", 

36 "display_name": "Bug Bounty Agent", 

37 "description": "OWASP Top 10 and business logic vulnerability detection", 

38 "capabilities": ["vuln-scan", "owasp-testing", "business-logic-testing"], 

39 "supported_languages": None, 

40 "category": "core", 

41 "icon": "🎯" 

42 }, 

43 { 

44 "name": "secret_detection", 

45 "display_name": "Secret Detection Agent", 

46 "description": "Detects hardcoded secrets, API keys, passwords, and credentials", 

47 "capabilities": ["secret-detection", "credential-scanning", "entropy-analysis"], 

48 "supported_languages": ["python", "javascript", "typescript", "go", "ruby", "php"], 

49 "category": "core", 

50 "icon": "🔑" 

51 }, 

52 { 

53 "name": "config_audit", 

54 "display_name": "Config Audit Agent", 

55 "description": "Infrastructure and configuration security auditing", 

56 "capabilities": ["config-audit", "compliance-check", "docker-security", "k8s-audit"], 

57 "supported_languages": None, 

58 "category": "core", 

59 "icon": "⚙️" 

60 }, 

61 

62 # === PRIORITY 1: HIGH-VALUE AGENTS (5) === 

63 { 

64 "name": "red_teamer", 

65 "display_name": "Red Team Agent", 

66 "description": "Offensive security testing and attack simulation", 

67 "capabilities": ["offensive-security", "attack-simulation", "pen-testing", "exploit-testing"], 

68 "supported_languages": None, 

69 "category": "offensive", 

70 "icon": "⚔️" 

71 }, 

72 { 

73 "name": "blue_teamer", 

74 "display_name": "Blue Team Agent", 

75 "description": "Defensive security posture assessment and threat detection", 

76 "capabilities": ["defensive-security", "threat-detection", "defense-validation", "monitoring"], 

77 "supported_languages": None, 

78 "category": "defensive", 

79 "icon": "🛡️" 

80 }, 

81 { 

82 "name": "network_analyzer", 

83 "display_name": "Network Traffic Analyzer", 

84 "description": "Network packet inspection and traffic pattern analysis", 

85 "capabilities": ["network-analysis", "packet-inspection", "traffic-analysis", "protocol-security"], 

86 "supported_languages": None, 

87 "category": "specialized", 

88 "icon": "📡" 

89 }, 

90 { 

91 "name": "reverse_engineer", 

92 "display_name": "Reverse Engineering Agent", 

93 "description": "Binary analysis, decompilation, and malware detection", 

94 "capabilities": ["binary-analysis", "decompilation", "malware-analysis", "obfuscation-detection"], 

95 "supported_languages": None, 

96 "category": "specialized", 

97 "icon": "🔬" 

98 }, 

99 { 

100 "name": "dfir", 

101 "display_name": "DFIR Agent", 

102 "description": "Digital Forensics and Incident Response", 

103 "capabilities": ["forensics", "incident-response", "evidence-collection", "timeline-reconstruction"], 

104 "supported_languages": None, 

105 "category": "specialized", 

106 "icon": "🔍" 

107 }, 

108 

109 # === PRIORITY 2: SPECIALIZED AGENTS (5) === 

110 { 

111 "name": "android_sast", 

112 "display_name": "Android SAST Agent", 

113 "description": "Android application security testing and mobile security", 

114 "capabilities": ["android-scan", "mobile-security", "permission-analysis", "apk-analysis"], 

115 "supported_languages": ["java", "kotlin"], 

116 "category": "specialized", 

117 "icon": "📱" 

118 }, 

119 { 

120 "name": "memory_analysis", 

121 "display_name": "Memory Analysis Agent", 

122 "description": "Memory forensics and memory-based attack detection", 

123 "capabilities": ["memory-forensics", "memory-dump-analysis", "credential-extraction"], 

124 "supported_languages": None, 

125 "category": "specialized", 

126 "icon": "💾" 

127 }, 

128 { 

129 "name": "wifi_security", 

130 "display_name": "WiFi Security Tester", 

131 "description": "Wireless network security testing and encryption analysis", 

132 "capabilities": ["wifi-test", "wireless-security", "encryption-analysis", "ap-security"], 

133 "supported_languages": None, 

134 "category": "specialized", 

135 "icon": "📶" 

136 }, 

137 { 

138 "name": "replay_attack", 

139 "display_name": "Replay Attack Agent", 

140 "description": "Replay attack detection and session security testing", 

141 "capabilities": ["replay-check", "session-security", "token-analysis", "nonce-validation"], 

142 "supported_languages": None, 

143 "category": "specialized", 

144 "icon": "🔁" 

145 }, 

146 { 

147 "name": "subghz_sdr", 

148 "display_name": "Sub-GHz SDR Agent", 

149 "description": "Software Defined Radio security and RF analysis", 

150 "capabilities": ["radio-security", "rf-analysis", "iot-security", "wireless-protocol-analysis"], 

151 "supported_languages": None, 

152 "category": "specialized", 

153 "icon": "📻" 

154 }, 

155 

156 # === PRIORITY 3: UTILITY AGENTS (3) === 

157 { 

158 "name": "retester", 

159 "display_name": "Retester Agent", 

160 "description": "Re-testing and validation of previously found vulnerabilities", 

161 "capabilities": ["retest", "fix-validation", "regression-testing", "remediation-verification"], 

162 "supported_languages": None, 

163 "category": "utility", 

164 "icon": "🔄" 

165 }, 

166 { 

167 "name": "mail", 

168 "display_name": "Mail Agent", 

169 "description": "Email notifications and automated security reporting", 

170 "capabilities": ["email-report", "notifications", "alert-distribution", "scheduled-reports"], 

171 "supported_languages": None, 

172 "category": "utility", 

173 "icon": "📧" 

174 }, 

175 { 

176 "name": "guardrails", 

177 "display_name": "Guardrails Agent", 

178 "description": "Safety validation and pre-scan security checks", 

179 "capabilities": ["safety-check", "validation", "risk-assessment", "permission-check"], 

180 "supported_languages": None, 

181 "category": "utility", 

182 "icon": "🛡️" 

183 } 

184] 

185 

186 

187@router.get("/agents", response_model=AgentListResponse) 

188async def list_agents(): 

189 """ 

190 List all available security agents. 

191 

192 Returns information about all Alprina security agents including 

193 their capabilities, supported languages, and descriptions. 

194 

195 **Example:** 

196 ```python 

197 import requests 

198 

199 response = requests.get("http://localhost:8000/v1/agents") 

200 agents = response.json()["agents"] 

201 

202 for agent in agents: 

203 print(f"{agent['display_name']}: {agent['description']}") 

204 ``` 

205 """ 

206 agents_list = [ 

207 AgentInfo( 

208 name=agent["name"], 

209 display_name=agent["display_name"], 

210 description=agent["description"], 

211 capabilities=agent["capabilities"], 

212 supported_languages=agent["supported_languages"], 

213 category=agent.get("category", "core"), 

214 icon=agent.get("icon") 

215 ) 

216 for agent in AGENT_CATALOG 

217 ] 

218 

219 return AgentListResponse( 

220 agents=agents_list, 

221 total=len(agents_list), 

222 security_engine="active" if AGENTS_AVAILABLE else "fallback" 

223 ) 

224 

225 

226@router.get("/agents/{agent_name}", response_model=AgentInfo) 

227async def get_agent_info(agent_name: str): 

228 """ 

229 Get detailed information about a specific agent. 

230 

231 **Parameters:** 

232 - `agent_name`: Agent identifier (e.g., "codeagent", "web_scanner_agent") 

233 """ 

234 agent_data = next((a for a in AGENT_CATALOG if a["name"] == agent_name), None) 

235 

236 if not agent_data: 

237 raise HTTPException( 

238 status_code=404, 

239 detail=f"Agent '{agent_name}' not found" 

240 ) 

241 

242 return AgentInfo( 

243 name=agent_data["name"], 

244 display_name=agent_data["display_name"], 

245 description=agent_data["description"], 

246 capabilities=agent_data["capabilities"], 

247 supported_languages=agent_data["supported_languages"] 

248 )