<a href="https://colab.research.google.com/github/dabumana/HF-Roadmap/blob/main/Agents-Course/unit2.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

# **Frameworks for LLM Agents**

Common frameworks used for LLM agent construction.

In [189]:
!pip install smolagents
!pip install llama-index
!pip install langgraph



In [190]:
from google.colab import userdata as ud
from huggingface_hub import login

env_token = ud.get('HF_TOKEN')
login(env_token)


In [191]:
!pip install duckduckgo_search
!pip install beautifulsoup4
!pip install html5lib



**`smolagents`** - use case

In [192]:
from smolagents import CodeAgent, DuckDuckGoSearchTool, InferenceClientModel

agent = CodeAgent(tools=[DuckDuckGoSearchTool()], model = InferenceClientModel())
agent.run("Elaborate a guide around bin 9, include secure encrypted communications using p2p")

'\n# Guide: BIN 9 and Secure Encrypted Communications Using P2P\n\n## 1. Introduction to BIN 9\nBIN 9 is a theoretical BIN range, as standard BIN numbers follow a specific format and bin 9 is not a defined prefix. BINs (Bank Identification Numbers) are the first 4-6 digits of a credit or debit card, identifying the issuing institution. For the purpose of this guide, we will treat BIN 9 as a placeholder for a specific range of BINs (e.g., 900000-999999).\n\n## 2. Importance of Secure Encrypted Communications\nIn today’s digital age, securing data transmissions is crucial, especially for financial transactions that may use BINs for identification. Encrypted communications help protect sensitive information from unauthorized access and eavesdropping. Secure P2P networks provide a decentralized method of sharing information securely, making them ideal for applications such as secure file sharing and financial transactions.\n\n## 3. Peer-to-Peer (P2P) Technology Overview\nPeer-to-Peer (P2P)

In [212]:
from smolagents import CodeAgent, InferenceClientModel, tool
from bs4 import BeautifulSoup as bsoup

import http.client as client
import json

@tool
def get_poc(dependency: str, manager: str) -> tuple[str,str,str,str]:
  """
  Search for vulnerabilities in dependency according to the package manager, elaborate a deatailed report that includes all the relevant information.
  Args:
    dependency: The dependency to search for.
    manager: The package manager for the dependency.
  Returns:
    This function returns a tuple with properties found in the vulnerable dependency.
  """
  osv_url = 'osv.dev'
  osv_api_url = 'api.osv.dev'
  nvd_url = 'nvd.nist.gov'

  prefix = 'https://' + osv_api_url

  data = send_request(osv_url, '/list?q=' + dependency + '&ecosystem=' + manager)
  docs = parse_content(data).find_all('div', class_='vuln-table-row mdc-data-table__row')

  aliases = []
  assets = []

  for index in docs:
    links = index.find_all('a')
    for link in links:
      assets.append(link.get('href'))

  inventory: tuple[str,str,str,str] = []

  for asset in assets:
    details = send_request(osv_url, asset)
    for link in parse_content(details).find_all('a'):
      if (link.get('href').startswith(prefix)):
        ref = link.get_text().strip()
        url = ref.removeprefix(prefix)

        report = send_request(osv_api_url, url)
        schema = json.loads(parse_content(report).get_text())

        context = []
        references = []

        cve = schema["aliases"][0]
        description = schema["details"]

        aliases.append(cve)

        record = send_request(nvd_url, '/vuln/detail/' + cve)
        for report in parse_content(record).find_all('table'):
          context.append(report.get_text().replace('\n','').replace('\t','').replace('\r',''))

        for ref in schema["references"]:
          references.append(ref['url'])

        inventory.append([cve, description, references, context])

  return inventory

def parse_content(data: str) -> bsoup:
  parser = bsoup(data, 'html.parser')
  return parser

def send_request(src: str, url: str) -> str:
  conn = client.HTTPSConnection(src)
  conn.request('GET', url)

  resp = conn.getresponse()
  data = resp.read().decode('utf-8')

  conn.close()
  return data

agent = CodeAgent(tools=[get_poc], model=InferenceClientModel())
agent.run("dependency: ollama, manager: Go")

'Vulnerabilities in the ollama dependency (Go package manager):\n- CVE-2025-1975: A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service (DoS) attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when downloading a model via the /api/pull endpoint, which can lead to a server crash.\n- CVE-2024-8063: Ollama Divide by Zero Vulnerability in github.com/ollama/ollama\n- CVE-2025-0312: Ollama Denial of Service (DoS) via Null Pointer Dereference in github.com/ollama/ollama\n- CVE-2024-12886: Ollama Vulnerable to Denial of Service (DoS) via Crafted GZIP in github.com/ollama/ollama\n- CVE-2025-0315: Ollama Allocation of Resources Without Limits or Throttling vulnerability in github.com/ollama/ollama\n- CVE-2024-12055: Ollama Allows Out-of-Bounds Read in github.com/ollama/ollama\n- CVE-2025-0317: Ollama Divide By Zero vulnerability in github.com/ollama/ollama\n- CVE-2025-0317:

**`llama-index`** - use case


In [42]:
from llama_index import *

**`langgraph`** - use case

In [43]:
from langgraph import *