Multi-agent security analysis platform with real-time War Room visualization. 8 CrewAI agents perform parallel security analysis on any Git repository.
- Python 3.12+ (< 3.14)
- Node.js 20+
- Docker
cp .env.example .env
# Edit .env with your Gemini API key (required)
# Optionally add SNYK_TOKEN for supply chain scanning
make setup
make docker-up # Pull scanner images (first run takes a while)
make dev # Starts backend (:8000) + frontend (:5173)

Or separately:

make backend # FastAPI on :8000
make frontend # Vite on :5173
make teardown # Kill all services

- Backend: FastAPI + CrewAI + SQLAlchemy (async SQLite)
- Frontend: React + TypeScript + Tailwind (cyberpunk War Room UI)
- LLM: Gemini 3 (flash for tool agents, 3.1 pro for analysis/reasoning)
| Scanner | Purpose | Tool |
|---|---|---|
| Semgrep | SAST — code vulnerabilities (7 rule packs: OWASP, XSS, SQLi, secrets, etc.) | scan_code_vulnerabilities |
| Trivy | SCA — dependency CVEs | scan_dependencies |
| Snyk | Supply chain attacks, license risks (optional, needs SNYK_TOKEN) | scan_supply_chain |
| Gitleaks | Hardcoded secrets, API keys, credentials | scan_secrets |
| Checkov | IaC misconfigurations (Terraform, Docker, K8s) | scan_infrastructure |
| Bandit | Python-specific security analysis | scan_python_security |
| Agent | Role | LLM | Tools |
|---|---|---|---|
| Red Team Lead | Orchestrator | Pro | delegates |
| Recon Specialist | Attack surface mapping | Flash | analyze_repo_structure |
| Secrets Hunter | Credential detection | Flash | scan_secrets |
| Dependency Auditor | Dependency & supply chain vulns | Flash | scan_dependencies, scan_supply_chain |
| Infrastructure Analyst | IaC misconfigurations | Flash | scan_infrastructure |
| Code Analyst | Code-level vulnerabilities | Pro | scan_code_vulnerabilities, scan_python_security |
| Exploit Validator | Exploitability assessment & deduplication | Pro | reasoning only |
| Report Writer | Report synthesis | Pro | reasoning only |
1. Clone repo (HTTPS or SSH)
2. Recon — map attack surface
3. Parallel scanning — 4 specialist agents run tools
4. Validation — deduplicate, confirm exploitability, identify attack chains
5. Report — executive summary, severity-ranked findings, remediation roadmap
Supports both HTTPS and SSH repository URLs:
https://github.com/org/repo
git@github.com:org/repo.git
| Variable | Required | Description |
|---|---|---|
| GEMINI_API_KEY | Yes | Google Gemini API key |
| LLM_MODEL | No | Flash model (default: gemini/gemini-3-flash-preview) |
| LLM_MODEL_PRO | No | Pro model (default: gemini/gemini-3.1-pro-preview) |
| SNYK_TOKEN | No | Snyk API token for supply chain scanning |