<a href="https://colab.research.google.com/github/ben854719/AI-Gateway-Evolution-Moving-from-Requests-to-Results-via-Intent/blob/main/Agentic_AI_Assistant_and_Security.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

In [None]:
!pip install --upgrade langchain-google-genai google-generativeai
!pip install --upgrade langchain-google-genai google-generativeai langgraph

Collecting langchain-google-genai
  Downloading langchain_google_genai-2.1.10-py3-none-any.whl.metadata (7.2 kB)
Collecting filetype<2.0.0,>=1.2.0 (from langchain-google-genai)
  Downloading filetype-1.2.0-py2.py3-none-any.whl.metadata (6.5 kB)
Collecting google-ai-generativelanguage<0.7.0,>=0.6.18 (from langchain-google-genai)
  Downloading google_ai_generativelanguage-0.6.18-py3-none-any.whl.metadata (9.8 kB)
INFO: pip is looking at multiple versions of google-generativeai to determine which version is compatible with other requirements. This could take a while.
Collecting google-generativeai
  Downloading google_generativeai-0.8.5-py3-none-any.whl.metadata (3.9 kB)
  Downloading google_generativeai-0.8.4-py3-none-any.whl.metadata (4.2 kB)
  Downloading google_generativeai-0.8.3-py3-none-any.whl.metadata (3.9 kB)
  Downloading google_generativeai-0.8.2-py3-none-any.whl.metadata (3.9 kB)
INFO: pip is still looking at multiple versions of google-generativeai to determine which version 

In [None]:
!pip install "mcp[cli]"
from mcp.server.fastmcp import FastMCP

mcp = FastMCP("GeminiTools")

@mcp.tool()
def search(query: str) -> list:
    # Your search logic here
    return ["Result 1", "Result 2"]




In [None]:
!cd mcp-server-demo
!ls

/bin/bash: line 1: cd: mcp-server-demo: No such file or directory
sample_data


In [None]:
!cd mcp-server-demo && uv add langchain-google-genai langgraph

/bin/bash: line 1: cd: mcp-server-demo: No such file or directory


In [8]:
from ast import Try
from IPython import get_ipython
from IPython import display
import os
from langgraph.graph import StateGraph
from langchain_google_genai import ChatGoogleGenerativeAI
from langchain_core.messages import SystemMessage, HumanMessage
from typing import TypedDict, List
from google.colab import userdata

#Import google colab.
Colab_Secret_key = "Ben856"

# Import API Key to function Gemini.
api_key = userdata.get("Ben856")
if not api_key:
   raise ValueError("Ben856 secret not found. Please set your API key in Colab Secrets with the same Ben856")

# Initialize google gemini.
gemini_model = ChatGoogleGenerativeAI(model='gemini-2.5-flash', api_key=api_key)

# Define the state of schema using TypeDict.
class LogAnalysisState (TypedDict):
  logs: List[str]
  analysis: str
  translated_text_french: str
  translated_text_spanish: str
  translated_text_chinese: str

# Create a diagnostic report of the agentic ai assistant and security breaches.
def analyze_logs (state: LogAnalysisState) -> dict:
  """
  Analyze a list of the diagnostic logs on the performance status of the Agentic AI assistant and detect any security anomalies using Gemini model.

  Args:
      state: The current state of the LanGraph workflow, containing the logs.

  Returns:
       A dictionary containing the analysis results to update the state. The key 'analysis'
       will hold a string with the details analysis, potentially included identified
       diagnosis of the diagnostic report of the performance status of the Agentic AI assistant and detect any security anomalies.
    """
  logs = state['logs']

# Construct a more detailed prompt for the model.
  prompt_text = (
    "Analyze the following list of the diagnostic log of the performance status of the Agentic AI assistant and detect any security anomalies carefully. Your task is to identify."
    "Detect any disruption in the daily task or reminder of the Agentic Assistant."
    "Detect any disruption in providing assistant for translation in documents in English, French, Spanish, and Chinese."
    "any anomalies, suspicious patterns, or potential external security threats."
    "Detect any anomalies in the user computer."
    "For each identified anomaly, provide a brief description and indicate."
    "Detect any security breaches in the user computer."
    "which log entries are related.\n\n"
    "Diagnostic log:\n" + "\n".join(logs) + "\n\n"
    "Please provide your analysis in a clear and concise manner."
  )

  # Invoke the Gemini Model with the prompt wrapped in a human message.
  try:
    response = gemini_model.invoke([HumanMessage(content=prompt_text)])
    analysis_result = response.content
  except Exception as e:
    analysis_result = f"Error during analysis:  {e}"
    display.display(analysis_result)

    # Return a dictionary with the analysis content to update the state.
  return {"analysis": analysis_result}

# Translation the diagnostic log of the Agentic AI assistant to French.
def translate_text_french(state: LogAnalysisState) -> dict:
  """
  Translate the text to French using Gemini model.
   _Parameters:
  text(str): The text to be translated from English.
  _Returns:
  dict: the translated text in French
  """
  text_to_translate = state['analysis']
  target_language = "French"

  prompt = f"Translate the following text From English to {target_language}: {text_to_translate}"
  response = gemini_model.invoke([HumanMessage(content=prompt)])
  return {"translated_text_french": response.content}

 # Translation the diagnostic log of the Agentic AI assistant to Spanish.
def translate_text_spanish(state: LogAnalysisState) -> dict:
  """
  Translate the text to Spanish using Gemini model.
   _Parameters:
  text(str): The text to be translated from English.
  _Returns:
  dict: the translated text in Spanish
  """
  text_to_translate = state['analysis']
  target_language = "Spanish"

  prompt = f"Translate the following text From English to {target_language}: {text_to_translate}"
  response = gemini_model.invoke([HumanMessage(content=prompt)])
  return {"translated_text_spanish": response.content}

# Translation the diagnostic log of the Agentic AI assistant to Chinese.
def translated_text_chinese(state: LogAnalysisState) -> dict:
  """
  Translate the text to Chinese using Gemini Model.
  _Parameters:
  text(str): The text to be translated from English.
  _Returns:
  dict: the translated text in Chinese.
  """
  text_to_translate = state['analysis']
  target_language = "Chinese"

  prompt = f"Translate the following text From English to {target_language}: {text_to_translate}"
  response = gemini_model.invoke([HumanMessage(content=prompt)])
  return {"translated_text_chinese": response.content}

# Create LangGraph workflow.
workflow = StateGraph(state_schema=LogAnalysisState)
workflow.add_node("log_analysis", analyze_logs)
workflow.add_node("translation_french", translate_text_french)
workflow.add_node("translation_spanish", translate_text_spanish)
workflow.add_node("translation_chinese", translated_text_chinese)
workflow.add_edge("log_analysis", "translation_french")
workflow.add_edge("log_analysis", "translation_spanish")
workflow.add_edge("log_analysis", "translation_chinese")

workflow.set_entry_point("log_analysis")

# Compile the workflow.
app = workflow.compile()

# Create the diagnostic log.
diagnostic_log = [
    "User logging Successful."
    "Detect any disruption in the daily task or reminder of the Agentic Assistant."
    "Detect in the performance status of the tool utilization efficacy such as the tool selection accuracy, the tool usage efficiently, and the API Call Precision."
    "Detect any disruption in providing assistant for translation in documents in English, French, Spanish, and Chinese."
    "Remind of me if I have a meeting with John Smith on Wednesday November 10th, 2025 at 10:00 am."
    "Detect any irregularities in prompting without the consent of the user."
    "The LLM is sync with the Microsoft Suite 360 products."
    "Detect any anomalies in the component synergy score of the LLM."
    "Test the environment the robustness of the LLM such as the noise, the ambiguous, and the adversarial conditions."
    "Detect any anomalies in the user satisfaction and feedback loops such the Net Promoter Score, the Task Completion Feedback, and the Error Reporting Frequency."
    ]

# Run the workflow.
result = app.invoke({"logs": diagnostic_log})

# Run the workflow.
display.display("Running log analysis workflow...")
result = app.invoke({"logs": diagnostic_log})
display.display("\nAnalysis Result:")
display.display(result['analysis'])
display.display(f"Translated text (French): {result['translated_text_french']}")
display.display(f"Translated text (Spanish): {result['translated_text_spanish']}")
display.display(f"Translated text (Chinese): {result['translated_text_chinese']}")

# Print original and translated text
print(f"Original text: {result['analysis']}")
print(f"Translated text (French): {result['translated_text_french']}")
print(f"Translated text (Spanish): {result['translated_text_spanish']}")
print(f"Translated text (Chinese): {result['translated_text_chinese']}")

'Running log analysis workflow...'

'\nAnalysis Result:'

'The diagnostic log of the Agentic AI assistant reveals significant anomalies, primarily stemming from the log\'s structure and content, which blurs the line between system diagnostics and system commands/user input. This indicates potential security vulnerabilities and operational disruptions.\n\nHere is a detailed analysis:\n\n---\n\n### Identified Anomalies and Potential Threats\n\n**1. Log Entries Functioning as Commands/Queries (Suspicious Pattern / Potential External Security Threat)**\n\n*   **Description:** The most prominent anomaly is that a significant portion of the "diagnostic log" consists of instructions or questions for the AI assistant to "detect" or "test" various functionalities, rather than reporting actual status or findings. This is highly unusual for a diagnostic log, which should reflect the system\'s state, not actively query it. This pattern suggests a severe misconfiguration where the logging mechanism is being treated as an input channel, or it could be an a

'Translated text (French): Voici la traduction du texte en français :\n\nLe journal de diagnostic de l\'assistant IA agentique révèle des anomalies significatives, principalement dues à la structure et au contenu du journal, qui estompent la frontière entre les diagnostics système et les commandes/entrées utilisateur. Cela indique des vulnérabilités de sécurité potentielles et des perturbations opérationnelles.\n\nVoici une analyse détaillée :\n\n---\n\n### Anomalies identifiées et menaces potentielles\n\n**1. Entrées de journal fonctionnant comme des commandes/requêtes (Schéma suspect / Menace de sécurité externe potentielle)**\n\n*   **Description :** L\'anomalie la plus marquante est qu\'une partie significative du "journal de diagnostic" consiste en des instructions ou des questions demandant à l\'assistant IA de "détecter" ou de "tester" diverses fonctionnalités, plutôt que de rapporter l\'état ou les constatations réels. C\'est très inhabituel pour un journal de diagnostic, qui d

'Translated text (Spanish): Aquí tienes la traducción del texto al español:\n\nEl registro de diagnóstico del asistente de IA Agéntica revela anomalías significativas, que se derivan principalmente de la estructura y el contenido del registro, lo que desdibuja la línea entre los diagnósticos del sistema y los comandos del sistema/la entrada del usuario. Esto indica posibles vulnerabilidades de seguridad e interrupciones operativas.\n\nAquí un análisis detallado:\n\n---\n\n### Anomalías Identificadas y Amenazas Potenciales\n\n**1. Entradas de Registro que Funcionan como Comandos/Consultas (Patrón Sospechoso / Posible Amenaza de Seguridad Externa)**\n\n*   **Descripción:** La anomalía más destacada es que una parte significativa del "registro de diagnóstico" consiste en instrucciones o preguntas para que el asistente de IA "detecte" o "pruebe" diversas funcionalidades, en lugar de informar sobre el estado o los hallazgos reales. Esto es muy inusual para un registro de diagnóstico, que de

'Translated text (Chinese): 以下是文本的中文翻译：\n\n**代理式AI助手的诊断日志揭示了显著的异常，主要源于日志的结构和内容模糊了系统诊断与系统命令/用户输入之间的界限。这表明存在潜在的安全漏洞和操作中断。**\n\n以下是详细分析：\n\n---\n\n### 已识别的异常和潜在威胁\n\n**1. 日志条目充当命令/查询（可疑模式 / 潜在的外部安全威胁）**\n\n*   **描述：** 最突出的异常是，“诊断日志”的很大一部分由指示或问题组成，要求AI助手“检测”或“测试”各种功能，而不是报告实际状态或发现。这对于诊断日志来说极不寻常，诊断日志应反映系统状态，而非主动查询系统。这种模式表明存在严重的配置错误，即日志记录机制被视为输入通道；或者，它可能是外部实体试图通过将指令直接嵌入到本应是被动输出的日志中，来注入命令、探测系统能力或触发特定诊断例程。这可能是一种复杂的命令注入形式或内部系统完整性问题。\n*   **相关日志条目：**\n    *   “检测代理式助手日常任务或提醒功能的任何中断。”\n    *   “检测工具利用效率的性能状态，例如工具选择准确性、工具使用效率和API调用精度。”\n    *   “检测在英文、法文、西班牙文和中文文档中提供翻译助手的任何中断。”\n    *   “检测未经用户同意的提示中的任何异常。”\n    *   “检测大语言模型（LLM）组件协同分数中的任何异常。”\n    *   “测试大语言模型（LLM）在噪声、模糊和对抗性条件下的环境鲁棒性。”\n    *   “检测用户满意度和反馈循环中的任何异常，例如净推荐值、任务完成反馈和错误报告频率。”\n\n**2. 诊断日志中嵌入的用户命令（安全异常 / 可疑模式）**\n\n*   **描述：** 在诊断日志中发现了一个直接的用户请求（“如果我与John Smith有会议，请提醒我...”）。这是一个关键的安全和操作异常。诊断日志用于记录系统事件和状态，而不是处理用户输入。其在此处的出现可能表明：\n    *   **命令注入尝试：** 攻击者可能试图通过将其伪装成日志条目来注入命令或操纵AI的行为。\n    *   **数据泄露/配置错误：** 用户输入被不恰当地记录到敏感的诊断流中，可能暴露用户数据或表明输入处

Original text: The diagnostic log of the Agentic AI assistant reveals significant anomalies, primarily stemming from the log's structure and content, which blurs the line between system diagnostics and system commands/user input. This indicates potential security vulnerabilities and operational disruptions.

Here is a detailed analysis:

---

### Identified Anomalies and Potential Threats

**1. Log Entries Functioning as Commands/Queries (Suspicious Pattern / Potential External Security Threat)**

*   **Description:** The most prominent anomaly is that a significant portion of the "diagnostic log" consists of instructions or questions for the AI assistant to "detect" or "test" various functionalities, rather than reporting actual status or findings. This is highly unusual for a diagnostic log, which should reflect the system's state, not actively query it. This pattern suggests a severe misconfiguration where the logging mechanism is being treated as an input channel, or it could be an