<a href="https://colab.research.google.com/github/rupashiii/ArtificialIntelligenceProject/blob/main/CrewAIModel.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

In [None]:
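# Colab-only dependency install. `%pip` targets the kernel's own interpreter
# (`!pip` may hit a different one). reportlab is added because the PDF-export
# cell below imports it but nothing installed it; gitpython is kept although no
# visible cell imports it. NOTE(review): pin versions (pkg==X.Y.Z) before
# sharing this notebook — unpinned installs pull whatever is current, and the
# crewai API in particular changes between releases.
%pip install -q crewai gitpython bandit reportlab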




In [None]:
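import getpass
import os

# Never hard-code an API key in a notebook: this file is published (see the
# Colab badge pointing at a public GitHub repo), so any literal key in it is
# compromised the moment it is committed. The sk-or-v1-... key that used to be
# on this line should be treated as leaked: revoke it in the OpenRouter
# dashboard and issue a new one. Read the key from the environment (Colab
# secrets / a local export) and only prompt as a fallback; getpass keeps the
# value out of the cell output.
if not os.environ.get("OPENAI_API_KEY"):
    os.environ["OPENAI_API_KEY"] = getpass.getpass("OpenRouter API key: ")

# Route the OpenAI-compatible client through OpenRouter (the key above is an
# OpenRouter key, not an OpenAI one).
os.environ["OPENAI_API_BASE"] = "https://openrouter.ai/api/v1"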


In [None]:
from crewai import Agent

# Agent to clone a repo
# Model id shared by the three agents, served through the OPENAI_API_BASE set
# above. NOTE(review): OpenRouter normally expects provider-prefixed ids such as
# "openai/gpt-4o-mini"; confirm this bare id actually resolves there.
_OPENROUTER_MODEL = "gpt-4o-mini"


def _openrouter_agent(role: str, goal: str, backstory: str) -> Agent:
    """Build an Agent bound to the shared OpenRouter-served model.

    No ``tools`` are attached, so the agent can only produce text: it cannot
    run git or bandit itself, and any "scan results" it reports are written by
    the model rather than read from a real scan.
    """
    return Agent(role=role, goal=goal, backstory=backstory, llm=_OPENROUTER_MODEL)


# Fetches the target repository for the scanner.
clone_agent = _openrouter_agent(
    "Repo Cloner",
    "Clone the target GitHub repository to the local environment.",
    "You are responsible for fetching the source code so the security agent can analyze it.",
)

# Runs Bandit and condenses its findings.
scan_agent = _openrouter_agent(
    "Security Scanner",
    "Run a Bandit security scan on the repo and summarize the findings.",
    "You are a security auditor using Bandit to find Python code vulnerabilities.",
)

# Turns raw findings into a stakeholder report. This binding is replaced by the
# ``report_agent`` defined in the next cell, which is the one the Crew uses.
report_agent = _openrouter_agent(
    "Report Writer",
    "Summarize scan results in a structured security report.",
    "You take raw Bandit output and turn it into a clear summary for stakeholders.",
)


In [None]:
from crewai import Agent

# Developer Agent
def _verbose_agent(role: str, goal: str, backstory: str) -> Agent:
    """Build a verbose Agent with no explicit ``llm``.

    NOTE(review): the previous cell pins ``llm="gpt-4o-mini"``; these agents do
    not, so they run on whatever default model crewai resolves — confirm it is
    the intended one given OPENAI_API_BASE points at OpenRouter.
    No ``tools`` are attached either, so the agents can only emit text: the
    "clone" and "scan" described in their goals never actually happen.
    """
    return Agent(role=role, goal=goal, backstory=backstory, verbose=True)


# Owns clone_task below.
dev_agent = _verbose_agent(
    "Developer",
    "Clone the GitHub repository and prepare it for security scanning.",
    "You are a skilled Python developer who can quickly clone repositories and set them up locally.",
)

# Owns scan_task below.
security_agent = _verbose_agent(
    "Security Analyst",
    "Run Bandit security scans and find vulnerabilities in the code.",
    "You specialize in Python security analysis and use Bandit for scanning vulnerabilities.",
)

# Owns report_task below. Rebinds the ``report_agent`` created in the previous
# cell; the Crew further down therefore uses this definition.
report_agent = _verbose_agent(
    "Security Reporter",
    "Summarize Bandit scan results into a human-readable report.",
    "You are an expert at communicating technical security results in clear language.",
)


In [None]:
from crewai import Task

def _task(description: str, expected_output: str, agent: Agent, kind: str) -> Task:
    """Build a Task owned by `agent`; `kind` is forwarded as the original ``type=`` keyword.

    NOTE(review): ``type`` is not a Task field I can confirm in crewai's API;
    depending on the installed version it is ignored or rejected by pydantic
    validation. Drop it if Task() raises on an unexpected keyword.
    """
    return Task(description=description, expected_output=expected_output, agent=agent, type=kind)


# NOTE(review): "the given GitHub repository" is never actually given — no URL
# appears anywhere in this notebook, so a tool-less model will pick or invent
# one. Once real clone/scan tools are attached, pass the URL explicitly as an
# untrusted input: check the scheme and host, clone shallowly into a throwaway
# directory, and remember that repository contents flow into the model via the
# Bandit output and can carry prompt-injection text aimed at the report agent.
clone_task = _task(
    "Clone the given GitHub repository and prepare it for security scanning.",
    "A local copy of the repository ready for Bandit security scan.",
    dev_agent,
    "research",
)

scan_task = _task(
    "Run Bandit on the cloned repository to identify Python security vulnerabilities.",
    "A list of security issues found by Bandit, with file names and line numbers.",
    security_agent,
    "analysis",
)

# Keep the raw scanner output (e.g. `bandit -f json`) alongside this summary;
# the model's prose is not a substitute for it.
report_task = _task(
    "Analyze Bandit scan results and generate a detailed, human-readable security report.",
    "A markdown file containing security issues, their severity, and possible fixes.",
    report_agent,
    "planning",
)


In [None]:
from crewai import Crew

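# The crew's members must be the agents that own the tasks. The tasks above are
# assigned to dev_agent / security_agent / report_agent; clone_agent and
# scan_agent own no task and were listed here by mistake (left over from the
# first agent cell), so the task owners are used instead.
crew = Crew(
    agents=[dev_agent, security_agent, report_agent],
    tasks=[clone_task, scan_task, report_task],
)

final_result = crew.kickoff()

# NOTE(review): none of these agents has tools, so this "report" is text the
# model wrote, not the output of a real Bandit run. Do not treat it as evidence
# about any repository until real clone/scan tools are wired in, and even then
# cross-check it against the scanner's own output.
print(final_result)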


```markdown
# Bandit Security Scan Report

## Summary
This report outlines the security vulnerabilities identified by Bandit during the scan of the codebase. Each issue is categorized by severity and includes suggestions for remediation as well as links to further information. Note: this sample was produced by agents without any tools, so the locations (`<filename>.py:XX`) are placeholders and the findings are illustrative rather than read from a real Bandit run; verify every test ID and link against actual `bandit -f json` output before acting on it.

## Findings

### 1. High Severity Issues

#### Issue: [B307] Use of `eval` (blacklisted call; Bandit's B101 is `assert_used`, not `eval`)
- **Severity**: High  
- **Confidence**: High  
- **Location**: `<filename>.py:XX`  
- **Description**: The use of `eval()` can execute arbitrary code, which could lead to code injection vulnerabilities.  
- **Recommendation**: Replace `eval()` with safer alternatives like `ast.literal_eval()` if evaluating Python expressions.  
- **More Info**: [B307 Documentation](https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b307-eval)  

#### Issue: [B105/B106/B107] Hardcoded password (Bandit's `hardcoded_password_string` / `_funcarg` / `_default` tests)
- **Severity**: High  
- **Confidence**: Medium  
- **Location**: `<filename>.py:YY`  
- **Description**: Hardcoded passwords pose a significant security risk as anyone with 

In [None]:
from reportlab.lib.pagesizes import letter
from reportlab.pdfgen import canvas
from textwrap import wrap

# Extract plain text from CrewOutput
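def _crew_output_text(result) -> str:
    """Return the plain text of a CrewOutput-like object, preferring .raw, then .text, then str()."""
    if hasattr(result, "raw"):
        return result.raw
    if hasattr(result, "text"):
        return result.text
    return str(result)


def _write_text_pdf(text: str, path: str, chars_per_line: int = 90) -> None:
    """Write `text` to a single-column, letter-size PDF at `path`.

    Lines longer than `chars_per_line` are hard-wrapped (the font is
    proportional, so this is an approximation) and a new page starts when the
    cursor drops below the bottom margin. Blank lines are preserved as
    vertical space: textwrap.wrap("") returns [], which the original loop
    silently skipped, merging paragraphs together.

    NOTE(review): the built-in Helvetica font covers only a Latin subset;
    model-written text with emoji or other non-Latin characters may render as
    blanks or boxes. Register a TrueType font if that matters.
    """
    pdf = canvas.Canvas(path, pagesize=letter)
    pdf.setFont("Helvetica", 12)
    pdf.drawString(30, 750, "Security Audit Report")

    y = 720
    for line in text.split("\n"):
        for piece in wrap(line, width=chars_per_line) or [""]:
            pdf.drawString(30, y, piece)
            y -= 15
            if y < 40:  # bottom margin reached: start a fresh page
                pdf.showPage()
                pdf.setFont("Helvetica", 12)
                y = 750
    pdf.save()


# The crew result is untrusted, model-generated text; it is copied into the
# PDF verbatim, so review it before sharing the file.
final_result_text = _crew_output_text(final_result)

pdf_filename = "security_audit_report.pdf"
_write_text_pdf(final_result_text, pdf_filename)
print(f"PDF report saved as {pdf_filename}")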


PDF report saved as security_audit_report.pdf


In [None]:
from google.colab import files

# Colab-only: hand the generated PDF to the browser as a download. Outside
# Colab this import fails; copy the file out of the working directory instead.
_report_path = "security_audit_report.pdf"
files.download(_report_path)

