<a href="https://colab.research.google.com/github/dabumana/HF-Roadmap/blob/main/Agents-Course/unit2.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

# **Frameworks for LLM Agents**

Common frameworks used for LLM agent construction.

In [3]:
!pip install smolagents
!pip install llama-index
!pip install langgraph

Collecting smolagents
  Downloading smolagents-1.16.1-py3-none-any.whl.metadata (16 kB)
Collecting python-dotenv (from smolagents)
  Downloading python_dotenv-1.1.0-py3-none-any.whl.metadata (24 kB)
Downloading smolagents-1.16.1-py3-none-any.whl (125 kB)
[2K   [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m125.2/125.2 kB[0m [31m3.9 MB/s[0m eta [36m0:00:00[0m
[?25hDownloading python_dotenv-1.1.0-py3-none-any.whl (20 kB)
Installing collected packages: python-dotenv, smolagents
Successfully installed python-dotenv-1.1.0 smolagents-1.16.1
Collecting llama-index
  Downloading llama_index-0.12.36-py3-none-any.whl.metadata (12 kB)
Collecting llama-index-agent-openai<0.5,>=0.4.0 (from llama-index)
  Downloading llama_index_agent_openai-0.4.7-py3-none-any.whl.metadata (438 bytes)
Collecting llama-index-cli<0.5,>=0.4.1 (from llama-index)
  Downloading llama_index_cli-0.4.1-py3-none-any.whl.metadata (1.5 kB)
Collecting llama-index-core<0.13,>=0.12.36 (from llama-index)
  Downloadin

In [2]:
from google.colab import userdata as ud
from huggingface_hub import login

env_token = ud.get('HF_TOKEN')
login(env_token)


In [4]:
!pip install duckduckgo_search
!pip install beautifulsoup4
!pip install html5lib

Collecting duckduckgo_search
  Downloading duckduckgo_search-8.0.2-py3-none-any.whl.metadata (16 kB)
Collecting primp>=0.15.0 (from duckduckgo_search)
  Downloading primp-0.15.0-cp38-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (13 kB)
Downloading duckduckgo_search-8.0.2-py3-none-any.whl (18 kB)
Downloading primp-0.15.0-cp38-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.3 MB)
[2K   [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m3.3/3.3 MB[0m [31m30.0 MB/s[0m eta [36m0:00:00[0m
[?25hInstalling collected packages: primp, duckduckgo_search
Successfully installed duckduckgo_search-8.0.2 primp-0.15.0


**`smolagents`** - use case

In [176]:
from smolagents import CodeAgent, DuckDuckGoSearchTool, InferenceClientModel

agent = CodeAgent(tools=[DuckDuckGoSearchTool()], model = InferenceClientModel())
agent.run("Elaborate a guide around bin 9, include secure encrypted communications using p2p")

KeyboardInterrupt: 

In [188]:
from smolagents import CodeAgent, InferenceClientModel, tool
from bs4 import BeautifulSoup as bsoup

import http.client as client
import json

@tool
def get_poc(dependency: str, manager: str) -> tuple[str, str, str, str, str]:
  """
  Search for vulnerabilities in dependency according to the package manager, generate a structured report with the following elements:
    # ------------------------
    # **Dependency Vulnerability Report**
    # **Dependency**: `<dependency>`
    # **Package Manager**: `<manager>`
    # **Summary**: [High-level risks (Critical/High-severity CVEs)]
    #
    # **CVE Analysis**:
    # | CVE ID       | Severity | CVSS Score | Impact Description | Affected Versions | Remediation       |
    # |--------------|----------|------------|---------------------|-------------------|-------------------|
    # | CVE-####-### | Critical | 9.8         | RCE Exploit         | < 4.2.x          | Upgrade to 4.2.3  |
    #
    # **Remediation Plan**:
    # 1. Update dependency to version `<safe_version>` via `<manager> update command`.
    # 2. Apply patches or workarounds (if no update available).
    #
    # **References**:
    # - NVD Link: https://nvd.nist.gov/vuln/detail/CVE-xxxx-xxxx
    # - CVE Mitigation Guide: [link]
    # ------------------------
    # Return this report as a formatted string.

  Args:
    dependency: The dependency to search for.
    manager: The package manager for the dependency.
  Returns:
    A string containing the results of the search.
  """
  osv_url = 'osv.dev'
  osv_api_url = 'api.osv.dev'
  nvd_url = 'nvd.nist.gov'

  prefix = 'https://' + osv_api_url

  data = send_request(osv_url, '/list?q=' + dependency + '&ecosystem=' + manager)
  docs = parse_content(data).find_all('div', class_='vuln-table-row mdc-data-table__row')

  aliases = []
  assets = []

  for index in docs:
    links = index.find_all('a')
    for link in links:
      assets.append(link.get('href'))

  inventory: tuple[str,str,str,str,str] = []

  for asset in assets:
    details = send_request(osv_url, asset)
    content = parse_content(details).get_text().replace('\n','').replace('\t','').replace('\r','')
    for link in parse_content(details).find_all('a'):
      if (link.get('href').startswith(prefix)):
        ref = link.get_text().strip()
        url = ref.removeprefix(prefix)

        report = send_request(osv_api_url, url)
        schema = json.loads(parse_content(report).get_text())

        context = []
        references = []

        cve = schema["aliases"][0]
        description = schema["details"]

        aliases.append(cve)

        record = send_request(nvd_url, '/vuln/detail/' + cve)
        for report in parse_content(record).find_all('table'):
          context.append(report.get_text().replace('\n','').replace('\t','').replace('\r',''))

        for ref in schema["references"]:
          references.append(ref['url'])

        inventory.append([cve, description, references, context, content])

  return inventory

def parse_content(data: str) -> bsoup:
  parser = bsoup(data, 'html.parser')
  return parser

def send_request(src: str, url: str) -> str:
  conn = client.HTTPSConnection(src)
  conn.request('GET', url)

  resp = conn.getresponse()
  data = resp.read().decode('utf-8')

  conn.close()
  return data

agent = CodeAgent(tools=[get_poc], model=InferenceClientModel(model_id='Qwen/Qwen2.5-32B-Instruct'))
agent.run("search for vulnerabilities in dependency: ollama with manager: Go")

KeyboardInterrupt: 

**`llama-index`** - use case


In [42]:
from llama_index import *

**`langgraph`** - use case

In [43]:
from langgraph import *