This repository contains example taskflows to use with the SecLab Taskflow Agent, as well as the custom MCP servers that are needed to run the taskflows. To run these taskflows, first create a directory named data in src. Various environment variables need to be set for the custom MCP servers to store data.
MEMCACHE_STATE_DIR=/app/data
CODEQL_DBS_BASE_PATH=/app/data
DATA_DIR=/app/data
The MEMCACHE_STATE_DIR is needed to persist some intermediate data in the memcache, DATA_DIR is needed for various mcp server to store intermediate results. These can be set in a .env file in the src directory.
The repo provides a script run_seclab_agent.sh to run a docker container of the seclab-taskflow-agent as outlined here. Note that this script needs to be run from the src directory.
Individual taskflows may need additional setup, please refer to the README.md in the relevant subdirectories for further requirements.
SecLab Taskflows is a companion repository to the SecLab Taskflow Agent repository. SecLab Taskflow Agent is an experimental agentic framework maintained by GitHub Security Lab. This repository provides example taskflows and supporting resources for use with the SecLab Taskflow Agent. We are using the agent and these taskflows to experiment with using AI Agents for security purposes, such as auditing code for vulnerabilities or triaging issues.
We'd love to hear your feedback. Please create an issue to send us a feature request or bug report. We also welcome pull requests (see our contribution guidelines for more information if you wish to contribute).
Python >= 3.9 or Docker
This project is licensed under the terms of the MIT license. Please refer to the LICENSE file for the full terms.