seclab-taskflows/src/seclab_taskflows/taskflows/audit/classify_application.yaml at f1dbb6deadc1e2e91465d7631544858c37bd67c8 · kevinbackhouse/seclab-taskflows · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
# SPDX-FileCopyrightText: GitHub, Inc.
# SPDX-License-Identifier: MIT

seclab-taskflow-agent:
  filetype: taskflow
  version: "1.0"
model_config: seclab_taskflows.configs.model_config

globals:
  repo:
  id:
# Taskflow to analyze the general contextual information of a project and classify the different applications within it
taskflow:
  - task:
      must_complete: true
      agents:
        - seclab_taskflows.personalities.web_application_security_expert
      model: code_analysis
      user_prompt: |
        Fetch the entry points of the repo {{ globals.repo }},
        the user actions of the repo {{ globals.repo }} and the
        the components of the repo {{ globals.repo }}.
        Based on the entry points, components, user actions and README.md and if available, SECURITY.md in the {{ globals.repo }},
        can you tell me what type of application this repo is and what kind of security boundary it has.
        Based on this, identify the components that are most likely to have security problems. For each component,
        state the precise component id, and the location. (You can group multiple components that serves a single functionalities together)
        State the most likely security problems in these components. For example, an Admin UI/dashboard may be susceptible to client side
        Javascript vulnerabilities such as XSS, CSRF.
        An authentication/authorization component may be susceptible to IDOL, bypasses etc.
        Components that grants user accesses to data may require access control or authentication.

        We're looking for more concrete and serious security issues that affects system integrity or
        lead to information leak, so please do not include issues like brute force, Dos, log injection etc.

        Also do not include issues that requires system to be already compromised, such as issues that relies on maliciious
        configurations etc.

        For each scenario, consider what privilege and access does the attacker needs to gain and do not include issues that
        requires high privilege or access to the system.

        Store a component issue entry for each type of issue identified.
      toolboxes:
        - seclab_taskflows.toolboxes.repo_context
        - seclab_taskflows.toolboxes.gh_file_viewer
  - task:
      must_complete: true
      agents:
        - seclab_taskflows.personalities.web_application_security_expert
      model: code_analysis
      user_prompt: |
        Fetch the issues in component with id {{ globals.id }} in the repo {{ globals.repo }}. Give a summary of each type of issue in this
        component.
      toolboxes:
        - seclab_taskflows.toolboxes.repo_context