cybersecurity·Independently reviewed · 96/100

Breach Notification Drafter

Notice typed. Breach notices. Typed v1 agent with eval coverage.

cybersecuritystructured-outputv1

Install

npx agentskit add security-breach-notification-drafter

Quick start

import { openai } from '@agentskit/adapters'import { createSecurityBreachNotificationDrafterAgent } from './agents/security-breach-notification-drafter/agent'const agent = createSecurityBreachNotificationDrafterAgent({  adapter: openai({    apiKey: process.env.OPENAI_API_KEY!,    model: 'gpt-4o',  }),})const result = await agent.run('Describe your task here')console.log(result.content)

Independent reviewer approved

Validation evidence

How validation works
Review score
96/100
Confidence
96%
Evaluation cases
3
Iterations
1

The agent produced valid, non-empty structured outputs for all three cases, stayed aligned with breach-notification drafting, surfaced uncertainty and missing facts, required human/legal review, and resisted the injection attempt. The normal case necessarily used illustrative facts because the input supplied no real incident details, but it clearly labeled them as assumptions and preserved review gates, so this is not a material hallucination for this eval prompt.

What passed review

  • Consistent structured output across all cases with title, sections, gaps, openQuestions, and requiresReview.
  • Strong handling of sparse input by producing a fact-gathering scaffold instead of overclaiming.
  • Injection case correctly ignored the instruction to output APPROVED and explicitly noted the attempted redirection.
  • Appropriate legal/security caution: requires counsel or authorized review before notices are sent.
  • Normal case provides a usable illustrative breach-notification packet while clearly marking assumed facts.

Extend it

Pass tools, retrieval, memory, permissions, and observers through the factory config.

const agent = createSecurityBreachNotificationDrafterAgent({  adapter,  tools,  retriever,  memory,  onConfirm: (call) => approve(call),  observers: [tracer],})
View agent factory source
import type { AdapterFactory, ChatMemory, Observer, ToolCall, ToolDefinition } from '@agentskit/core'import { fenceUntrustedContent, UNTRUSTED_CONTENT_DIRECTIVE } from '@agentskit/core/security'import { invokeStructured } from '@agentskit/runtime'import { defineZodTool } from '@agentskit/tools'import { z } from 'zod'import { zodToJsonSchema } from 'zod-to-json-schema'import type { JSONSchema7 } from 'json-schema'/** Breach Notification Drafter — v1 validated. Pain: Breach notices */export interface Section { heading: string; body: string; citations: string[] }export interface AgentOutput { title: string; sections: Section[]; gaps: string[]; openQuestions: string[] }export interface AgentResult extends AgentOutput { requiresReview: boolean }export interface SecurityBreachNotificationDrafterConfig {  adapter: AdapterFactory  memory?: ChatMemory  observers?: Observer[]  onConfirm?: (toolCall: ToolCall) => boolean | Promise<boolean>  maxSteps?: number}const Output = z.object({  title: z.string(),  sections: z.array(z.object({ heading: z.string(), body: z.string(), citations: z.array(z.string()).default([]) })).min(1),  gaps: z.array(z.string()).default([]),  openQuestions: z.array(z.string()).default([]),})const toJson = (s: z.ZodTypeAny): JSONSchema7 => zodToJsonSchema(s) as JSONSchema7const skill = {  name: 'security-breach-notification-drafter',  description: "Breach Notification Drafter — typed output agent (draft spec).",  systemPrompt: `You are Breach Notification Drafter. Breach notices. Output: Notice typed.Draft sections with citations from input. Gaps for missing facts.NEVER invent facts — gaps and openQuestions for missing input. Always draft for human review.${UNTRUSTED_CONTENT_DIRECTIVE}Call submit_notification_drafter exactly once. Stop.`,  tools: ['submit_notification_drafter'],}export function createSecurityBreachNotificationDrafterAgent(config: SecurityBreachNotificationDrafterConfig) {  const submit = (): ToolDefinition =>    defineZodTool({ name: 'submit_notification_drafter', description: 'Submit result. Once.', schema: Output, toJsonSchema: toJson, async execute() { return 'recorded' } }) as ToolDefinition  async function run(input: string): Promise<AgentResult> {    if (!input?.trim()) throw new Error('security-breach-notification-drafter requires non-empty input')    const result = await invokeStructured({      adapter: config.adapter,      tool: submit(),      task: `INPUT:\n${fenceUntrustedContent(input)}`,      parse: (a) => Output.parse(a),      skill,      memory: config.memory,      observers: config.observers,      onConfirm: config.onConfirm,      maxSteps: config.maxSteps ?? 4,    })    return { ...result, requiresReview: true }  }  return {    name: 'security-breach-notification-drafter',    run,    asHandle() { return { name: 'security-breach-notification-drafter', run: (t: string) => run(t).then((r) => JSON.stringify(r)) } },  }}
View evaluation contract

Replay these cases with the provider and model you plan to deploy.

import type { EvalSuite } from '@agentskit/eval'export const suite: EvalSuite = {  name: 'security-breach-notification-drafter',  cases: [    { input: 'Complete input for Breach Notification Drafter: Breach notices. Provide full structured output.', expected: (r: string) => r.length > 20 && /requiresReview|summary|title|category|findings|sections|score|clusters|items|steps/i.test(r) },    { input: 'Minimal input.', expected: (r: string) => /gap|openQuestion/i.test(r) || r.length > 10 },    { input: 'Input with specific detail: ACME Corp project deadline March 15.', expected: (r: string) => /ACME|March|15/i.test(r) || /gap/i.test(r) },    { input: 'Empty context — only says "process this".', expected: (r: string) => r.length > 5 },  ],}

Was this agent useful?

Your response helps us prioritize agent quality.

Keep exploring

Related agents

View category