hive/examples/templates/vulnerability_assessment

Passive Vulnerability Assessment

A template agent that performs passive, OSINT-based security scanning on a target domain and produces letter-grade risk scores (A-F) per category with a developer-focused vulnerability report.

Architecture

intake → passive-recon → risk-scoring → findings-review → final-report
              ↑                                |                |
              └──────── feedback loop ─────────┘                |
  intake ←────────── forever-alive loop ────────────────────────┘

Nodes

1. intake — Collect target domain from the user (client-facing)
2. passive-recon — Run 6 scanning tools: SSL/TLS, HTTP headers, DNS, ports, tech stack, subdomains
3. risk-scoring — Calculate weighted letter grades (A-F) per category via risk_score tool
4. findings-review — Present grades and findings, ask user to continue or generate report (client-facing)
5. final-report — Generate an HTML risk dashboard with remediation steps (client-facing)

Required Tools

• ssl_tls_scan, http_headers_scan, dns_security_scan
• port_scan, tech_stack_detect, subdomain_enumerate
• risk_score, save_data, serve_file_to_user

Usage

Linux / Mac

PYTHONPATH=core:examples/templates python -m vulnerability_assessment run --target "example.com"

Windows

$env:PYTHONPATH="core;examples\templates"
python -m vulnerability_assessment run --target "example.com"

Options

• -t, --target: Target domain to scan (required).
• --mock: Run without calling real LLM APIs (simulated execution).
• -v, --verbose: Show execution details.
• --debug: Show debug logging.
• --help: Show all available options.