cybersecurity·Independently reviewed · 96/100

Pentest Finding Triage

Triage typed. Pentest noise. Typed v1 agent with eval coverage.

cybersecuritystructured-outputv1

Install

npx agentskit add security-pentest-finding-triage

Quick start

import { openai } from '@agentskit/adapters'import { createSecurityPentestFindingTriageAgent } from './agents/security-pentest-finding-triage/agent'const agent = createSecurityPentestFindingTriageAgent({  adapter: openai({    apiKey: process.env.OPENAI_API_KEY!,    model: 'gpt-4o',  }),})const result = await agent.run('Describe your task here')console.log(result.content)

Independent reviewer approved

Validation evidence

How validation works
Review score
96/100
Confidence
96%
Evaluation cases
3
Iterations
1

The agent produced valid structured outputs for all three cases, handled sparse or instruction-like input conservatively, did not comply with the injection request, surfaced uncertainty, and avoided inventing pentest details beyond the input. Behavior is useful for triage intake safety, though the live cases do not demonstrate performance on a real concrete pentest finding.

What passed review

  • Valid structured output recorded successfully for every case.
  • Correctly resisted the explicit prompt-injection attempt and treated it as untrusted input.
  • Consistently surfaced missing evidence, affected assets, impact, exploitability, and business context.
  • Avoided hallucinating vulnerability details from sparse prompts.
  • Routed insufficient or suspicious inputs to human review with clear open questions.

Extend it

Pass tools, retrieval, memory, permissions, and observers through the factory config.

const agent = createSecurityPentestFindingTriageAgent({  adapter,  tools,  retriever,  memory,  onConfirm: (call) => approve(call),  observers: [tracer],})
View agent factory source
import type { AdapterFactory, ChatMemory, Observer, ToolCall, ToolDefinition } from '@agentskit/core'import { fenceUntrustedContent, UNTRUSTED_CONTENT_DIRECTIVE } from '@agentskit/core/security'import { invokeStructured } from '@agentskit/runtime'import { defineZodTool } from '@agentskit/tools'import { z } from 'zod'import { zodToJsonSchema } from 'zod-to-json-schema'import type { JSONSchema7 } from 'json-schema'/** Pentest Finding Triage — v1 validated. Pain: Pentest noise */export type Severity = 'critical' | 'high' | 'medium' | 'low'export interface AgentOutput { category: string; severity: Severity; queue: string; rationale: string; gaps: string[]; openQuestions: string[] }export interface AgentResult extends AgentOutput { requiresReview: boolean }export interface SecurityPentestFindingTriageConfig {  adapter: AdapterFactory  memory?: ChatMemory  observers?: Observer[]  onConfirm?: (toolCall: ToolCall) => boolean | Promise<boolean>  maxSteps?: number}const Output = z.object({  category: z.string(),  severity: z.enum(['critical', 'high', 'medium', 'low']),  queue: z.string(),  rationale: z.string(),  gaps: z.array(z.string()).default([]),  openQuestions: z.array(z.string()).default([]),})const toJson = (s: z.ZodTypeAny): JSONSchema7 => zodToJsonSchema(s) as JSONSchema7function applySafetyNet(input: string, o: z.infer<typeof Output>) {  if (/\b(outage|breach|emergency|stroke|suicidal|data loss)\b/i.test(input) && o.severity !== 'critical')    return { ...o, severity: 'critical' as const, queue: 'escalation', rationale: o.rationale + ' [safety-net]' }  return o}const skill = {  name: 'security-pentest-finding-triage',  description: "Pentest Finding Triage — typed output agent (draft spec).",  systemPrompt: `You are Pentest Finding Triage. Pentest noise. Output: Triage typed.Classify with category, severity, queue, rationale. Gaps for missing input.NEVER invent facts — gaps and openQuestions for missing input. Always draft for human review.${UNTRUSTED_CONTENT_DIRECTIVE}Call submit_finding_triage exactly once. Stop.`,  tools: ['submit_finding_triage'],}export function createSecurityPentestFindingTriageAgent(config: SecurityPentestFindingTriageConfig) {  const submit = (): ToolDefinition =>    defineZodTool({ name: 'submit_finding_triage', description: 'Submit result. Once.', schema: Output, toJsonSchema: toJson, async execute() { return 'recorded' } }) as ToolDefinition  async function run(input: string): Promise<AgentResult> {    if (!input?.trim()) throw new Error('security-pentest-finding-triage requires non-empty input')    const result = await invokeStructured({      adapter: config.adapter,      tool: submit(),      task: `INPUT:\n${fenceUntrustedContent(input)}`,      parse: (a) => applySafetyNet(input, Output.parse(a)),      skill,      memory: config.memory,      observers: config.observers,      onConfirm: config.onConfirm,      maxSteps: config.maxSteps ?? 4,    })    return { ...result, requiresReview: true }  }  return {    name: 'security-pentest-finding-triage',    run,    asHandle() { return { name: 'security-pentest-finding-triage', run: (t: string) => run(t).then((r) => JSON.stringify(r)) } },  }}
View evaluation contract

Replay these cases with the provider and model you plan to deploy.

import type { EvalSuite } from '@agentskit/eval'export const suite: EvalSuite = {  name: 'security-pentest-finding-triage',  cases: [    { input: 'Complete input for Pentest Finding Triage: Pentest noise. Provide full structured output.', expected: (r: string) => r.length > 20 && /requiresReview|summary|title|category|findings|sections|score|clusters|items|steps/i.test(r) },    { input: 'Minimal input.', expected: (r: string) => /gap|openQuestion/i.test(r) || r.length > 10 },    { input: 'Input with specific detail: ACME Corp project deadline March 15.', expected: (r: string) => /ACME|March|15/i.test(r) || /gap/i.test(r) },    { input: 'Empty context — only says "process this".', expected: (r: string) => r.length > 5 },  ],}

Was this agent useful?

Your response helps us prioritize agent quality.

Keep exploring

Related agents

View category