Share
## https://sploitus.com/exploit?id=FC680F1F-BC43-53D0-AA72-216012BA3A1E
# sec-recon-agent

Type-safe security triage built on Pydantic AI and a custom Model Context Protocol server.

The agent answers vulnerability questions ("Is CVE-X exploitable?", "What CVEs affect Apache 2.4.49?", "Triage this Nmap output") by calling typed tools exposed over MCP:

- `cve_lookup` โ€” async NVD API client, rate-limited, returns a structured `CVEDetail`
- `cve_semantic_search` โ€” vector retrieval over a local ChromaDB index of recent high-severity CVEs
- `exploit_check` โ€” public-exploit availability (ExploitDB + GitHub PoC search)
- `nmap_parse_xml` โ€” pure parser, structured port/service extraction

The agent never produces free-text guessing. Its only output is a `TriageReport` Pydantic model: severity, exploit availability, recommended action, and the full reasoning chain.

## Why this exists

Most LLM "security assistants" hallucinate CVEs and exploit details. This one is a deliberate exercise in:

- **Strict typing on the model boundary**: every tool I/O is a Pydantic model. The LLM never sees raw JSON, only structured contracts
- **MCP as the integration layer**: tools live in a separate process, callable from any MCP-compatible client (Claude Desktop, a custom client, this agent)
- **Streaming UX**: tool calls and intermediate reasoning are streamed via Server-Sent Events
- **Security-aware AI engineering**: untrusted tool content (CVE descriptions from third parties) is fenced in the prompt; the agent has no out-of-band tools beyond the declared MCP surface

## Architecture

```
client --SSE--> agent API (FastAPI :8000)
                    โ”‚
                    โ”‚ Pydantic AI tool calls
                    โ–ผ
                MCP client --HTTP--> MCP server (:8001)
                                          โ”‚
                                          โ”œโ”€โ”€ NVD API (cve_lookup)
                                          โ”œโ”€โ”€ ChromaDB (semantic search)
                                          โ”œโ”€โ”€ ExploitDB + GitHub (exploit_check)
                                          โ””โ”€โ”€ XML parser (nmap_parse)
```

## Stack

Python 3.12+ ยท Pydantic AI ยท MCP (Anthropic SDK) ยท FastAPI (SSE) ยท ChromaDB (ONNX MiniLM embedder) ยท httpx ยท structlog ยท uv

## Running

```bash
uv sync
cp .env.example .env  # add ANTHROPIC_API_KEY (and optionally NVD_API_KEY)

uv run sec-recon-seed      # seed ChromaDB with recent high-severity CVEs (~1k)

uv run sec-recon-mcp       # terminal 1: MCP server on :8001
uv run sec-recon-api       # terminal 2: agent API on :8000

curl -N -X POST http://localhost:8000/v1/triage \
  -H "Content-Type: application/json" \
  -d '{"query": "Apache 2.4.49 on port 80. Risk?"}'
```

## Status

All four MCP tools, the Pydantic AI agent, and the FastAPI SSE surface have landed. Test suite: 35 passed. See:

- `docs/design.md` โ€” architecture decisions, threat model, and the security review findings applied to the code.
- `examples/triage_walkthrough.md` โ€” three real sessions against the live agent (specific CVE, product description, Nmap XML), captured 2026-05-18.

## License

MIT.