evalops/meta-secdev-agent

Meta Agent for Security and Development Tasks

This project provides a reference implementation of a meta agent built with the OpenAI Agents SDK. The agent can create tasks at runtime, execute registered tasks, validate user code, generate test skeletons, and operate entirely offline for security and general development workflows such as repository metrics, static analysis, and automated refactors.

Overview

The agent exposes a single tool, perform_action, with the following sub-actions:

Action               Purpose
run_task             Execute a task registered in the global registry.
create_tool          Register new task code that accepts a params dictionary.
validate_tool        Parse and validate task code before registration.
generate_test_cases  Produce a minimal pytest skeleton for supplied code.
ask_query            Answer clarifying questions using the offline knowledge base or list registered tasks.

Two built-in tasks ship with the agent: security_scan, which flags simple injection patterns and hard-coded secrets, and metrics, which reports non-blank Python lines of code. Additional security checks or development utilities can be created dynamically with create_tool, persisted to disk, and reused in later sessions.

Project Layout

  • meta_secdev_agent/meta_agent.py – constructs the agent, registers default tasks, and exposes perform_action.
  • meta_secdev_agent/task_registry.py – stores task definitions keyed by name and optionally persists them between runs.
  • meta_secdev_agent/general_tasks.py – implements the security_scan and metrics actions.
  • meta_secdev_agent/knowledge_base.py – provides offline answers for security and development questions used by ask_query.
  • meta_secdev_agent/agents_stub.py – minimal stand-in for the Agents SDK used in tests.
  • tests/ – pytest suite covering primitives, dynamic task registration, and built-in tasks.

Getting Started

Requirements

  • Python 3.10+
  • Optional: pytest for running the test suite

Installation and Tests

pip install pytest
pytest -q tests

Install the official Agents SDK if you want live SDK integration:

pip install openai-agents

Configuration

The agent reads environment variables (and falls back to a repository-level .env file if present):

Variable               Purpose
META_AGENT_MODE        stub (default) for offline mode, live to use the real OpenAI Agents SDK.
OPENAI_API_KEY         Required when running in live mode.
META_AGENT_TASK_STORE  Optional path for persisting dynamically registered tasks.

Create a .env file to avoid exporting variables on each run:

META_AGENT_MODE=live
OPENAI_API_KEY=sk-...

Usage

Running Built-in Tasks

from meta_secdev_agent import get_meta_agent
from meta_secdev_agent.meta_agent import Runner

meta_agent = get_meta_agent()

security = Runner.run_sync(meta_agent, {
    "action": "run_task",
    "task_name": "security_scan",
    "params": {"target_path": "/path/to/project"},
}).final_answer

metrics = Runner.run_sync(meta_agent, {
    "action": "run_task",
    "task_name": "metrics",
    "params": {"target_path": "/path/to/project"},
}).final_answer

Repository Audit

run_repo_audit combines the security scan, metrics, and any additional registered tasks into a single report.

audit = Runner.run_sync(meta_agent, {
    "action": "run_task",
    "task_name": "run_repo_audit",
    "params": {
        "target_path": "/path/to/project",
        "additional_tasks": ["custom_task_name"],
        "additional_params": {
            "custom_task_name": {"option": True}
        },
    },
}).final_answer

The result includes timestamps, checklist outputs, and any errors raised by auxiliary tasks.

Creating a Custom Task

from textwrap import dedent
from meta_secdev_agent import get_meta_agent
from meta_secdev_agent.meta_agent import Runner

meta_agent = get_meta_agent()

code = dedent("""
def custom_sum(params):
    a = params.get('a', 0)
    b = params.get('b', 0)
    return {'sum': a + b}
""")

Runner.run_sync(meta_agent, {
    "action": "create_tool",
    "task_name": "custom_sum",
    "code": code,
    "description": "Return the sum of a and b",
})

result = Runner.run_sync(meta_agent, {
    "action": "run_task",
    "task_name": "custom_sum",
    "params": {"a": 3, "b": 4},
}).final_answer

Validating Code and Generating Tests

from meta_secdev_agent.meta_agent import perform_action

code = "def hello(params): return {'msg': 'hi'}"

perform_action("validate_tool", code=code)
perform_action("generate_test_cases", code=code)
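
Because create_tool registers source code that is later executed, a static review before registration is worth having. The following is an added example, not the project's validate_tool implementation: it parses task source, requires a top-level function that takes params, and reports imports and calls from a denylist. The names review_task_source, BLOCKED_MODULES and BLOCKED_CALLS, and the denylist contents, are assumptions of this example.

```python
import ast

# Assumed policy for this example (not taken from the project): modules and
# builtins a dynamically registered task is not expected to touch.
BLOCKED_MODULES = {"os", "subprocess", "socket", "ctypes", "importlib", "pickle"}
BLOCKED_CALLS = {"eval", "exec", "compile", "__import__", "open"}


def review_task_source(code: str) -> list[str]:
    """Return a list of findings; an empty list means the source passed."""
    try:
        tree = ast.parse(code)
    except SyntaxError as exc:
        return [f"syntax error on line {exc.lineno}: {exc.msg}"]

    findings = []
    # A task is "code that accepts a params dictionary": require at least one
    # top-level function whose only positional argument is named params.
    entries = [n for n in tree.body if isinstance(n, ast.FunctionDef)
               and [a.arg for a in n.args.args] == ["params"]]
    if not entries:
        findings.append("no top-level function taking a single 'params' argument")

    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            names = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom):
            names = [node.module or ""]
        else:
            names = []
        for name in names:
            if name.split(".")[0] in BLOCKED_MODULES:
                findings.append(f"line {node.lineno}: import of {name}")
        if (isinstance(node, ast.Call) and isinstance(node.func, ast.Name)
                and node.func.id in BLOCKED_CALLS):
            findings.append(f"line {node.lineno}: call to {node.func.id}()")
    return findings


# Constructed samples: the README's custom_sum task and a task that shells out.
GOOD = "def custom_sum(params):\n    a = params.get('a', 0)\n    b = params.get('b', 0)\n    return {'sum': a + b}\n"
BAD = "import subprocess\ndef cleanup(params):\n    return eval(params['expr'])\n"

if __name__ == "__main__":
    print(review_task_source(GOOD))
    print(review_task_source(BAD))
```

A static denylist is a review aid, not a sandbox. Since persisted tasks are rehydrated on the next run, the file at META_AGENT_TASK_STORE should be treated as executable code and write access to it restricted accordingly.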

Built-in Knowledge Base and Extensibility

ask_query no longer returns a placeholder response. It consults an offline knowledge base to answer questions about the available security checks, dynamic task registration, and general development workflows. You can extend this behaviour by registering additional knowledge entries at runtime.

Tasks registered with create_tool can be persisted by supplying source code; the registry automatically rehydrates those tasks on the next run, making it easy to build a suite of reusable security and development automations.

Testing

Run the default (stub) test suite:

pytest -q tests

Run the suite against the live OpenAI Agents SDK (incurs API usage):

META_AGENT_MODE=live OPENAI_API_KEY=sk-... pytest -q tests

License

Released under the MIT License. See LICENSE for details.

About

Static analysis meta agent for security and tenant isolation workflows
