Commit
Β·
244630d
1
Parent(s):
bd09aae
new tool(test)
Browse files
app.py
CHANGED
|
@@ -90,7 +90,7 @@ Summary: {summary}
|
|
| 90 |
# Initialize BM25 retriever
|
| 91 |
self.cve_retriever = BM25Retriever.from_documents(
|
| 92 |
processed_docs,
|
| 93 |
-
k=
|
| 94 |
)
|
| 95 |
|
| 96 |
print(f"β
CVE Retriever initialized with {len(processed_docs)} document chunks")
|
|
@@ -243,6 +243,45 @@ Summary: {summary}
|
|
| 243 |
except Exception as e:
|
| 244 |
return f"β Error retrieving CVE information: {str(e)}"
|
| 245 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 246 |
def get_nvd_cve_details(self, cve_id: str) -> str:
|
| 247 |
"""
|
| 248 |
Fetches detailed CVE information from NVD (National Vulnerability Database).
|
|
@@ -526,6 +565,17 @@ demo = gr.TabbedInterface(
|
|
| 526 |
title="π¬ Smart CVE Analysis (RAG + NVD)",
|
| 527 |
description="Automatically searches CVE database AND fetches detailed NVD information for top CVEs",
|
| 528 |
api_name="search_and_fetch_cve_details"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 529 |
)
|
| 530 |
],
|
| 531 |
[
|
|
@@ -534,7 +584,8 @@ demo = gr.TabbedInterface(
|
|
| 534 |
"Repository Scanner",
|
| 535 |
"CVE Database",
|
| 536 |
"NVD CVE Details",
|
| 537 |
-
"π¬ Smart CVE Analysis"
|
|
|
|
| 538 |
],
|
| 539 |
title="π GitHub MCP Server with CVE Knowledge Base & NVD Integration"
|
| 540 |
)
|
|
|
|
| 90 |
# Initialize BM25 retriever
|
| 91 |
self.cve_retriever = BM25Retriever.from_documents(
|
| 92 |
processed_docs,
|
| 93 |
+
k=3
|
| 94 |
)
|
| 95 |
|
| 96 |
print(f"β
CVE Retriever initialized with {len(processed_docs)} document chunks")
|
|
|
|
| 243 |
except Exception as e:
|
| 244 |
return f"β Error retrieving CVE information: {str(e)}"
|
| 245 |
|
| 246 |
+
def simple_cve_search(self, query: str, k: int = 3) -> str:
|
| 247 |
+
"""Simple CVE search that returns only CVE IDs and descriptions for multi-agent workflow"""
|
| 248 |
+
if not self.cve_retriever:
|
| 249 |
+
return "β CVE retriever not properly initialized. Please check Hugging Face dataset access."
|
| 250 |
+
|
| 251 |
+
try:
|
| 252 |
+
# Set retriever to return k results
|
| 253 |
+
original_k = self.cve_retriever.k
|
| 254 |
+
self.cve_retriever.k = k
|
| 255 |
+
|
| 256 |
+
# Retrieve relevant documents
|
| 257 |
+
docs = self.cve_retriever.invoke(query)
|
| 258 |
+
|
| 259 |
+
# Restore original k
|
| 260 |
+
self.cve_retriever.k = original_k
|
| 261 |
+
|
| 262 |
+
if not docs:
|
| 263 |
+
return f"No relevant CVE information found for query: '{query}'"
|
| 264 |
+
|
| 265 |
+
# Format simple results - just CVE ID and description
|
| 266 |
+
result = f"Top {len(docs)} CVE matches for '{query}':\n\n"
|
| 267 |
+
|
| 268 |
+
for i, doc in enumerate(docs, 1):
|
| 269 |
+
metadata = doc.metadata
|
| 270 |
+
cve_id = metadata.get('cve_id', 'Unknown')
|
| 271 |
+
|
| 272 |
+
# Extract summary from content
|
| 273 |
+
content_lines = doc.page_content.split('\n')
|
| 274 |
+
summary_line = next((line for line in content_lines if line.startswith('Summary:')), '')
|
| 275 |
+
summary = summary_line.replace('Summary: ', '').strip() if summary_line else 'No summary available'
|
| 276 |
+
|
| 277 |
+
result += f"{i}. {cve_id}\n"
|
| 278 |
+
result += f" {summary}\n\n"
|
| 279 |
+
|
| 280 |
+
return result.strip()
|
| 281 |
+
|
| 282 |
+
except Exception as e:
|
| 283 |
+
return f"β Error retrieving CVE information: {str(e)}"
|
| 284 |
+
|
| 285 |
def get_nvd_cve_details(self, cve_id: str) -> str:
|
| 286 |
"""
|
| 287 |
Fetches detailed CVE information from NVD (National Vulnerability Database).
|
|
|
|
| 565 |
title="π¬ Smart CVE Analysis (RAG + NVD)",
|
| 566 |
description="Automatically searches CVE database AND fetches detailed NVD information for top CVEs",
|
| 567 |
api_name="search_and_fetch_cve_details"
|
| 568 |
+
),
|
| 569 |
+
gr.Interface(
|
| 570 |
+
fn=github_server.simple_cve_search,
|
| 571 |
+
inputs=[
|
| 572 |
+
gr.Textbox(label="Vulnerability Query", placeholder="SQL injection, XSS, command injection, etc."),
|
| 573 |
+
gr.Slider(minimum=1, maximum=10, value=3, step=1, label="Number of Results", info="Number of CVE matches to return")
|
| 574 |
+
],
|
| 575 |
+
outputs=gr.Textbox(label="Simple CVE Search Results", lines=15),
|
| 576 |
+
title="π Simple CVE Search",
|
| 577 |
+
description="Simple CVE search returning only CVE IDs and descriptions (for multi-agent workflow)",
|
| 578 |
+
api_name="simple_cve_search"
|
| 579 |
)
|
| 580 |
],
|
| 581 |
[
|
|
|
|
| 584 |
"Repository Scanner",
|
| 585 |
"CVE Database",
|
| 586 |
"NVD CVE Details",
|
| 587 |
+
"π¬ Smart CVE Analysis",
|
| 588 |
+
"π Simple CVE Search"
|
| 589 |
],
|
| 590 |
title="π GitHub MCP Server with CVE Knowledge Base & NVD Integration"
|
| 591 |
)
|