get_security_summary
Retrieve a concise security overview for a library, including score and basic recommendations, based on its ecosystem. Simplifies evaluating library security without detailed vulnerability lists.
Instructions
Get quick security overview for a library without detailed vulnerability list.
Args:
library_name: Name of the library
ecosystem: Package ecosystem (default: PyPI)
Returns:
Concise security summary with score and basic recommendations
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| ecosystem | No | PyPI | |
| library_name | Yes |
Implementation Reference
- Main handler function for the get_security_summary tool. It uses the VulnerabilityScanner to generate a security report and returns a concise JSON-compatible dictionary with score, vulnerability counts, status, and recommendation.async def get_security_summary( self, library_name: str, ecosystem: str = "PyPI" ) -> Dict[str, Any]: """Get concise security summary""" try: report = await self.scanner.scan_library(library_name, ecosystem) return { "library": library_name, "security_score": report.security_score, "total_vulnerabilities": report.total_vulnerabilities, "critical_vulnerabilities": report.critical_count, "status": "secure" if report.security_score >= 70 else "at_risk", "primary_recommendation": ( report.recommendations[0] if report.recommendations else "No specific recommendations" ), } except Exception as e: return { "library": library_name, "security_score": 50.0, "error": str(e), "status": "unknown", }
- Core scanning logic called by the handler. Performs parallel scans across OSV, GitHub advisories, and Safety DB, generates report, handles caching.async def scan_library( self, library_name: str, ecosystem: str = "PyPI" ) -> SecurityReport: """ Comprehensive vulnerability scan for a library Args: library_name: Name of the library (e.g., "fastapi", "react") ecosystem: Package ecosystem ("PyPI", "npm", "Maven", etc.) Returns: SecurityReport with vulnerability details """ cache_key = f"{library_name}_{ecosystem}" # Check cache first if self._is_cached(cache_key): return self.cache[cache_key]["data"] vulnerabilities = [] # Scan multiple sources in parallel scan_tasks = [ self._scan_osv(library_name, ecosystem), self._scan_github_advisories(library_name, ecosystem), ( self._scan_safety_db(library_name) if ecosystem.lower() == "pypi" else self._empty_scan() ), ] try: results = await asyncio.gather(*scan_tasks, return_exceptions=True) for result in results: if isinstance(result, list): vulnerabilities.extend(result) elif isinstance(result, Exception): print(f"Scan error: {result}") except Exception as e: print(f"Vulnerability scan failed for {library_name}: {e}") # Generate security report report = self._generate_security_report( library_name, ecosystem, vulnerabilities ) # Cache the result self._cache_result(cache_key, report) return report