/** * Intel Agent - SLOP Native * * Threat intelligence gathering and alerting. * Monitors CVE feeds, security advisories, and emerging threats. * * Tools: * - check-cve: Get details about a specific CVE * - search-cves: Search for CVEs by keyword, package, or date * - get-advisories: Get security advisories for packages * - check-package: Check if a package has known vulnerabilities * - get-trending: Get trending/recent vulnerabilities * - subscribe: Subscribe to alerts for packages/keywords * - get-threat-feed: Get latest threat intelligence feed */ import { SLOPAgent } from './base.js'; import { SLOPAgentConfig, SLOPToolCall, SLOPToolResult } from './types.js'; export interface CVEDetails { id: string; description: string; severity: 'critical' | 'high' | 'medium' | 'low'; cvssScore: number; cvssVector?: string; publishedDate: string; modifiedDate: string; references: string[]; affectedProducts: AffectedProduct[]; exploitAvailable: boolean; patchAvailable: boolean; cwe?: string[]; } export interface AffectedProduct { vendor: string; product: string; versions: string[]; versionRange?: string; } export interface SecurityAdvisory { id: string; source: 'github' | 'npm' | 'snyk' | 'nvd' | 'osv'; package: string; ecosystem: string; severity: 'critical' | 'high' | 'medium' | 'low'; title: string; description: string; vulnerableVersions: string; patchedVersions?: string; cve?: string; url: string; publishedAt: string; } export interface ThreatFeedEntry { id: string; type: 'cve' | 'malware' | 'campaign' | 'ioc' | 'advisory'; severity: 'critical' | 'high' | 'medium' | 'low' | 'info'; title: string; description: string; source: string; timestamp: string; tags: string[]; indicators?: string[]; relatedCVEs?: string[]; url?: string; } export interface Subscription { id: string; type: 'package' | 'keyword' | 'cve-pattern' | 'ecosystem'; value: string; alertLevel: 'all' | 'high' | 'critical'; webhookUrl?: string; createdAt: string; } export interface PackageVulnCheck { package: string; version?: string; ecosystem: string; vulnerable: boolean; vulnerabilities: SecurityAdvisory[]; recommendedVersion?: string; lastChecked: string; } export declare class IntelAgent extends SLOPAgent { private subscriptions; private cveCache; private advisoryCache; constructor(config: SLOPAgentConfig); handleToolCall(call: SLOPToolCall): Promise; /** * Get CVE details */ private checkCVE; /** * Search CVEs */ private searchCVEs; /** * Get advisories for a package */ private getAdvisories; /** * Check package for vulnerabilities */ private checkPackage; /** * Get trending vulnerabilities */ private getTrending; /** * Subscribe to alerts */ private subscribe; /** * Get threat intelligence feed */ private getThreatFeed; /** * Check if indicator is malicious */ private checkIOC; private cvssToSeverity; private osvSeverityToLevel; private extractVersionRange; private versionMatches; private detectIOCType; } export declare function createIntelAgent(port?: number, coordinatorUrl?: string): IntelAgent;