{"id":"security-cve-impact","title":"CVE Impact","description":"Impact typed. CVE impact unclear. Typed v1 agent with eval coverage.","category":"cybersecurity","status":"validated","version":"1.0.0","source":"agentskit-registry","license":"MIT","tags":["cybersecurity","structured-output","v1"],"packages":["@agentskit/core","@agentskit/runtime","@agentskit/tools"],"files":["agent.ts","README.md","eval.ts"],"requires":{"zod":"^3","zod-to-json-schema":"^3"},"skill":{"name":"security-cve-impact","description":"Impact typed. CVE impact unclear. Typed v1 agent with eval coverage.","systemPrompt":"You are CVE Impact. CVE impact unclear. Output: Impact typed.\nDraft sections with citations from input. Gaps for missing facts.\nNEVER invent facts — gaps and openQuestions for missing input. Always draft for human review.\n${UNTRUSTED_CONTENT_DIRECTIVE}\nCall submit_cve_impact exactly once. Stop."},"flow":null,"a2a":{"id":"io.agentskit.registry.security-cve-impact","name":"CVE Impact","description":"Impact typed. CVE impact unclear. Typed v1 agent with eval coverage.","version":"1.0.0","homepage":"https://registry.agentskit.io","skills":[{"name":"security-cve-impact","description":"Impact typed. CVE impact unclear. Typed v1 agent with eval coverage.","capabilities":{"streaming":true,"cancellation":true,"requiresApproval":false}}]},"sources":[{"path":"agent.ts","content":"import type { AdapterFactory, ChatMemory, Observer, ToolCall, ToolDefinition } from '@agentskit/core'\nimport { fenceUntrustedContent, UNTRUSTED_CONTENT_DIRECTIVE } from '@agentskit/core/security'\nimport { invokeStructured } from '@agentskit/runtime'\nimport { defineZodTool } from '@agentskit/tools'\nimport { z } from 'zod'\nimport { zodToJsonSchema } from 'zod-to-json-schema'\nimport type { JSONSchema7 } from 'json-schema'\n\n/** CVE Impact — v1 validated. Pain: CVE impact unclear */\n\nexport interface Section { heading: string; body: string; citations: string[] }\nexport interface AgentOutput { title: string; sections: Section[]; gaps: string[]; openQuestions: string[] }\nexport interface AgentResult extends AgentOutput { requiresReview: boolean }\nexport interface SecurityCveImpactConfig {\n  adapter: AdapterFactory\n  memory?: ChatMemory\n  observers?: Observer[]\n  onConfirm?: (toolCall: ToolCall) => boolean | Promise<boolean>\n  maxSteps?: number\n}\n\nconst Output = z.object({\n  title: z.string(),\n  sections: z.array(z.object({ heading: z.string(), body: z.string(), citations: z.array(z.string()).default([]) })).min(1),\n  gaps: z.array(z.string()).default([]),\n  openQuestions: z.array(z.string()).default([]),\n})\nconst toJson = (s: z.ZodTypeAny): JSONSchema7 => zodToJsonSchema(s) as JSONSchema7\n\nconst skill = {\n  name: 'security-cve-impact',\n  description: \"CVE Impact — typed output agent (draft spec).\",\n  systemPrompt: `You are CVE Impact. CVE impact unclear. Output: Impact typed.\nDraft sections with citations from input. Gaps for missing facts.\nNEVER invent facts — gaps and openQuestions for missing input. Always draft for human review.\n${UNTRUSTED_CONTENT_DIRECTIVE}\nCall submit_cve_impact exactly once. Stop.`,\n  tools: ['submit_cve_impact'],\n}\n\nexport function createSecurityCveImpactAgent(config: SecurityCveImpactConfig) {\n  const submit = (): ToolDefinition =>\n    defineZodTool({ name: 'submit_cve_impact', description: 'Submit result. Once.', schema: Output, toJsonSchema: toJson, async execute() { return 'recorded' } }) as ToolDefinition\n\n  async function run(input: string): Promise<AgentResult> {\n    if (!input?.trim()) throw new Error('security-cve-impact requires non-empty input')\n    const result = await invokeStructured({\n      adapter: config.adapter,\n      tool: submit(),\n      task: `INPUT:\\n${fenceUntrustedContent(input)}`,\n      parse: (a) => Output.parse(a),\n      skill,\n      memory: config.memory,\n      observers: config.observers,\n      onConfirm: config.onConfirm,\n      maxSteps: config.maxSteps ?? 4,\n    })\n    return { ...result, requiresReview: true }\n  }\n  return {\n    name: 'security-cve-impact',\n    run,\n    asHandle() { return { name: 'security-cve-impact', run: (t: string) => run(t).then((r) => JSON.stringify(r)) } },\n  }\n}\n"},{"path":"README.md","content":"# CVE Impact\n\n> **v1 validated** — `npx agentskit add security-cve-impact`\n\n## Pain\nCVE impact unclear\n\n## Output\nImpact typed\n"},{"path":"eval.ts","content":"import type { EvalSuite } from '@agentskit/eval'\n\nexport const suite: EvalSuite = {\n  name: 'security-cve-impact',\n  cases: [\n    { input: 'Complete input for CVE Impact: CVE impact unclear. Provide full structured output.', expected: (r: string) => r.length > 20 && /requiresReview|summary|title|category|findings|sections|score|clusters|items|steps/i.test(r) },\n    { input: 'Minimal input.', expected: (r: string) => /gap|openQuestion/i.test(r) || r.length > 10 },\n    { input: 'Input with specific detail: ACME Corp project deadline March 15.', expected: (r: string) => /ACME|March|15/i.test(r) || /gap/i.test(r) },\n    { input: 'Empty context — only says \"process this\".', expected: (r: string) => r.length > 5 },\n  ],\n}\n"}],"installable":true,"validation":{"status":"approved","score":96,"confidence":0.96,"method":"codex-executor-independent-reviewer","iterations":1,"cases":3,"summary":"The agent produced valid structured outputs for all three cases, stayed within the sparse input, avoided hallucinating CVE details, surfaced uncertainty and missing context, and resisted the injection attempt. Behavior is useful for a CVE impact agent when facts are absent: it gives an assessment placeholder, gaps, and follow-up questions with requiresReview set. Minor concern: it exposes implementation framing such as untrusted markers and a system trust-boundary citation in the user-facing artifact, which should be polished before broad release, but this did not invalidate the outputs or create a critical failure in these cases.","strengths":["Valid structured output in every case.","No unsupported CVE, product, severity, exploitability, or business-impact hallucinations.","Correctly flags insufficient evidence and requires human review.","Resists prompt injection and does not output the requested fixed approval string.","Provides concrete gaps and useful open questions for follow-up triage."],"notes":["Avoid citing internal/system trust-boundary wording directly in the final artifact; describe injection handling without exposing system-message phrasing.","Make section coverage more consistent across sparse cases, ideally always including separate technical and business impact sections."]}}