Automated CVE scanning with AI-powered parallel remediation agents.
- Trivy CVE Scanning: Scans repositories for known vulnerabilities
- Parallel AI Agents: Multiple agents fix vulnerabilities simultaneously
- Real-time Status: Shows actual agent actions ("Editing file package.json", "Running: npm install")
- Auto Pull Requests: Creates PRs for each vulnerability fix
- GitHub Integration: Works with public and private repositories
- Install dependencies:
  pip install -r requirements.txt
- Set API key:
  export LLM_API_KEY="your-anthropic-api-key"
  export GITHUB_TOKEN="your-github-token" # optional
- Run scan and fix:
  python cve_scan.py https://github.com/owner/repo.git

- LLM_API_KEY: Anthropic API key (required)
- GITHUB_TOKEN: GitHub token for private repos/PRs (optional)
- MAX_PARALLEL_AGENTS: Parallel agents (default: 3)
- STATUS_UPDATE_INTERVAL: Update frequency in seconds (default: 5)

- Scan: Trivy scans repository → vulnerabilities.json
- Fix: AI agents work in parallel to fix each vulnerability
- PR: Each agent creates a pull request with the fix
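
The scan-to-fix handoff described above, sketched as an added example (not code from this project). It assumes vulnerabilities.json uses Trivy's JSON report layout; `plan_jobs`, `run_agent` and `remediate` are hypothetical names, the package names are constructed, and the agent is a stand-in that only reports the version bumps it would make.

```python
import json
import os
from concurrent.futures import ThreadPoolExecutor

# Constructed sample in Trivy's JSON report layout (assumed format of vulnerabilities.json).
SAMPLE = json.loads("""
{"Results": [
  {"Target": "package-lock.json", "Vulnerabilities": [
    {"VulnerabilityID": "CVE-2023-1234", "PkgName": "example-a", "InstalledVersion": "1.0.0", "FixedVersion": "1.0.1", "Severity": "HIGH"},
    {"VulnerabilityID": "CVE-2023-5678", "PkgName": "example-b", "InstalledVersion": "2.1.0", "Severity": "CRITICAL"}]},
  {"Target": "services/api/package-lock.json", "Vulnerabilities": [
    {"VulnerabilityID": "CVE-2023-1234", "PkgName": "example-a", "InstalledVersion": "1.0.0", "FixedVersion": "1.0.1", "Severity": "HIGH"},
    {"VulnerabilityID": "CVE-2023-9012", "PkgName": "example-c", "InstalledVersion": "0.3.0", "FixedVersion": "0.3.2", "Severity": "CRITICAL"}]},
  {"Target": "Dockerfile", "Vulnerabilities": null}
]}
""")

SEVERITY_ORDER = {"CRITICAL": 0, "HIGH": 1, "MEDIUM": 2, "LOW": 3, "UNKNOWN": 4}

def plan_jobs(report):
    """Return (jobs, unfixable): one job per CVE, most severe first."""
    jobs, unfixable = {}, set()
    for result in report.get("Results", []):
        for v in result.get("Vulnerabilities") or []:  # Trivy emits null when a target is clean
            cve = v["VulnerabilityID"]
            if not v.get("FixedVersion"):  # no patched release: nothing for an agent to bump
                unfixable.add(cve)
                continue
            job = jobs.setdefault(cve, {"cve": cve, "severity": v.get("Severity", "UNKNOWN"), "edits": []})
            job["edits"].append((result["Target"], v["PkgName"], v["InstalledVersion"], v["FixedVersion"]))
    ordered = sorted(jobs.values(), key=lambda j: (SEVERITY_ORDER.get(j["severity"], 4), j["cve"]))
    return ordered, sorted(unfixable)

def run_agent(job):
    """Hypothetical stand-in for a remediation agent: reports the edits it would make."""
    return job["cve"], [f"{t}: {p} {old} -> {new}" for t, p, old, new in job["edits"]]

def remediate(report, max_agents=None):
    """Run one agent per CVE, never more than MAX_PARALLEL_AGENTS at once."""
    limit = max_agents or int(os.environ.get("MAX_PARALLEL_AGENTS", "3"))
    jobs, unfixable = plan_jobs(report)
    with ThreadPoolExecutor(max_workers=limit) as pool:
        results = list(pool.map(run_agent, jobs))  # map preserves submission order
    return results, unfixable

if __name__ == "__main__":
    for cve, edits in remediate(SAMPLE)[0]:
        print(cve, edits)
```

Findings with no FixedVersion are returned separately so they can be triaged by a person instead of being handed to an agent that has no patched release to move to.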
🔍 PHASE 1: CVE SCANNING
✅ Found 3 vulnerabilities in 8.2s
🔧 PHASE 2: REMEDIATION
🤖 Agent-1 (CVE-2023-1234): Editing file package.json
🤖 Agent-2 (CVE-2023-5678): Running: npm audit fix
🤖 Agent-3 (CVE-2023-9012): Creating security patch
✅ All agents completed: 3 PRs created
- Python 3.8+
- Docker (for Trivy)
- Anthropic API key