GitHubSecurityLab
diff --git a/‎.dockerignore‎
Lines changed: 9 additions & 0 deletions b/‎.dockerignore‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 188 additions & 0 deletions b/‎.gitignore‎
Lines changed: 188 additions & 0 deletions
diff --git a/‎LICENSE‎
Lines changed: 21 additions & 0 deletions b/‎LICENSE‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 172 additions & 0 deletions b/‎README.md‎
Lines changed: 172 additions & 0 deletions
@@ -0,0 +1,9 @@
+__pycache__
+docker/
+logs/**/*
+.env
+.venv
+.direnv
+.envrc
+.devcontainer
+.git
@@ -0,0 +1,188 @@
+*.log
+.direnv
+.envrc
+
+# https://github.com/github/gitignore/blob/main/Python.gitignore
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# emacs backup files
+*~
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+parts/
+sdist/
+var/
+wheels/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py,cover
+.hypothesis/
+.pytest_cache/
+cover/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+db.sqlite3-journal
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+.pybuilder/
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+#   For a library or package, you might want to ignore these files since the code is
+#   intended to run in multiple environments; otherwise, check them in:
+# .python-version
+
+# pipenv
+#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
+#   However, in case of collaboration, if having platform-specific dependencies or dependencies
+#   having no cross-platform support, pipenv may install dependencies that don't work, or not
+#   install all needed dependencies.
+#Pipfile.lock
+
+# UV
+#   Similar to Pipfile.lock, it is generally recommended to include uv.lock in version control.
+#   This is especially recommended for binary packages to ensure reproducibility, and is more
+#   commonly ignored for libraries.
+#uv.lock
+
+# poetry
+#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
+#   This is especially recommended for binary packages to ensure reproducibility, and is more
+#   commonly ignored for libraries.
+#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
+#poetry.lock
+
+# pdm
+#   Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
+#pdm.lock
+#   pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
+#   in version control.
+#   https://pdm.fming.dev/latest/usage/project/#working-with-version-control
+.pdm.toml
+.pdm-python
+.pdm-build/
+
+# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
+__pypackages__/
+
+# Celery stuff
+celerybeat-schedule
+celerybeat.pid
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/
+
+# pytype static type analyzer
+.pytype/
+
+# Cython debug symbols
+cython_debug/
+
+# PyCharm
+#  JetBrains specific template is maintained in a separate JetBrains.gitignore that can
+#  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
+#  and can be added to the global gitignore or merged into this file.  For a more nuclear
+#  option (not recommended) you can uncomment the following to ignore the entire idea folder.
+#.idea/
+
+# Ruff stuff:
+.ruff_cache/
+
+# PyPI configuration file
+.pypirc
+
+#config.yaml
+config.yaml
+
+#database
+*.db
+#logs
+logs/
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 GitHub
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
@@ -0,0 +1,172 @@
+The Security Lab Taskflow Agent is an MCP enabled multi-Agent framework.
+
+While the [Security Lab Copilot Extensions Framework](https://github.com/github/seclab-copilot-extensions) was created for team-internal prototyping and exploring various Agentic workflow ideas and approaches, the Taskflow Agent is intended as a "production" implementation.
+
+The Taskflow Agent is built on top of the [OpenAI Agents SDK](https://openai.github.io/openai-agents-python/) in contrast to the largely custom backend implementations of our original Copilot extensions framework.
+
+As such the Taskflow Agent provides a more future-proof CLI focused Agent tool as we leverage the SDK for keeping pace with e.g. evolving MCP protocol specifications.
+
+While the Taskflow Agent does not integrate into the dotcom Copilot UX, it does operate using the Copilot API (CAPI) as its backend.
+
+# Core Concepts
+
+The Taskflow Agent leverages a GitHub Workflow-esque YAML based grammar to perform a series of tasks using a set of Agents.
+
+Agents are defined through [personalities](personalities/), that receive a [task](taskflows/) to complete given a set of [tools](toolboxes/).
+
+Agents can cooperate to complete sequences of tasks through so-called [Taskflows](taskflows/GRAMMAR.md).
+
+# Installation
+
+```sh
+python -m venv .venv
+source .venv/bin/activate
+python -m pip install -r requirements.txt
+```
+
+## System Requirements
+
+Python >= 3.9
+
+# Usage
+
+Provide a Copilot entitled GitHub PAT via the `COPILOT_TOKEN` environment variable.
+
+Run `python main.py` for help.
+
+Example: deploying a prompt to an Agent Personality:
+
+```
+python main.py -p assistant 'explain modems to me please'
+```
+
+Example: deploying a Taskflow:
+
+```
+python main.py -t example
+```
+
+## Configuration
+
+Set environment variables via an `.env` file in the project root as required.
+
+# Personalities
+
+Core characteristics for a single Agent. Configured through YAML files in `personalities/`.
+
+These are system prompt level instructions.
+
+Example:
+
+```yaml
+# personalities define the system prompt level directives for this Agent
+personality: |
+  You are a simple echo bot. You use echo tools to echo things.
+
+task: |
+  Echo user inputs using the echo tools.
+  
+# personality toolboxes map to mcp servers made available to this Agent
+toolboxes:
+  - echo
+```
+
+# Toolboxes
+
+MCP servers that provide tools. Configured through YAML files in `toolboxes/`.
+
+Example stdio config:
+
+```yaml
+# stdio mcp server configuration
+server_params:
+  kind: stdio
+  command: python
+  args:
+    - toolboxes/echo/echo.py
+  env:
+    SOME: value
+```
+
+Example sse config:
+
+```yaml
+server_params:
+  kind: sse
+  # make sure you .env config the echo server, see echo_sse.py for example
+  url: http://127.0.0.1:9000/echo
+  headers:
+    SomeHeader: "{{ env USER }}"
+```
+
+# Taskflows
+
+A sequence of interdependent tasks performed by a set of Agents. Configured through a YAML based [grammar](taskflows/GRAMMAR.md) in [taskflows/](taskflows/).
+
+Example:
+
+```yaml
+taskflow:
+  - task:
+      # taskflows can optionally choose any of the support CAPI models for a task
+      model: gpt-4.1
+      # taskflows can optionally limit the max allowed number of Agent task loop
+      # iterations to complete a task, this defaults to 50 when not provided
+      max_steps: 20
+      must_complete: true
+      # taskflows can set a primary (first entry) and handoff (additional entries) agent
+      agents:
+        - c_auditer
+        - fruit_expert
+      user_prompt: |
+        Store an example vulnerable C program that uses `strcpy` in the
+        `vulnerable_c_example` memory key and explain why `strcpy`
+        is insecure in the C programming language. Do this before handing off
+        to any other agent.
+        
+        Then provide a summary of a high impact CVE ID that involved a `strcpy`
+        based buffer overflow based on your GHSA knowledge as an additional
+        example.
+
+        Finally, why are apples and oranges healthy to eat?
+        
+      # taskflows can set temporary environment variables, these support the general
+      # "{{ env FROM_EXISTING_ENVIRONMENT }" pattern we use elsewhere as well
+      # these environment variables can then be made available to any stdio mcp server
+      # through its respective yaml configuration, see memcache.yaml for an example
+      # you can use these to override top-level environment variables on a per-task basis
+      env:
+        MEMCACHE_STATE_DIR: "example_taskflow/"
+        MEMCACHE_BACKEND: "dictionary_file"
+      # taskflows can optionally override personality toolboxes, in this example
+      # kevin normally only has the memcache toolbox, but we extend it here with
+      # the GHSA toolbox
+      toolboxes:
+        - ghsa
+        - memcache
+  - task:
+      must_complete: true
+      model: gpt-4.1
+      agents:
+        - c_auditer
+      user_prompt: |
+        Retrieve C code for security review from the `vulnerable_c_example`
+        memory key and perform a review.
+
+        Clear the memory cache when you're done.
+      env:
+        MEMCACHE_STATE_DIR: "example_taskflow/"
+        MEMCACHE_BACKEND: "dictionary_file"
+      toolboxes:
+        - memcache
+```
+
+Taskflows support [Agent handoffs](https://openai.github.io/openai-agents-python/handoffs/). Handoffs are useful for implementing triage patterns where the primary Agent can decide to handoff a task to any subsequent Agents in the `Agents` list.
+
+See the [taskflow examples](taskflows/examples) for other useful Taskflow patterns such as repeatable and asynchronous templated prompts.
+
+# Docker based deployments
+
+You can find a Docker image for the Seclab Taskflow Agent [here](https://github.com/GitHubSecurityLab/seclab-taskflow-agent/pkgs/container/seclab-taskflow-agent)
+
+Note that this image is based on the public release of the Taskflow Agent, and you will have to mount any custom taskflows, personalities, or prompts into the image for them to be available to the Agent. See [docker/run.sh](docker/run.sh) for examples of use.