github/OpenHands
1
0
Fork 0
mirror of https://github.com/OpenHands/OpenHands.git synced 2025-12-26 05:48:36 +08:00
Code Issues Packages Projects Releases Wiki Activity
OpenHands/openhands/security/llm/analyzer.py
Xingyao Wang ca424ec15d
[agent] Add LLM risk analyzer (#9349) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: openhands <openhands@all-hands.dev>
Co-authored-by: Graham Neubig <neubig@gmail.com>
Co-authored-by: llamantino <213239228+llamantino@users.noreply.github.com>
Co-authored-by: mamoodi <mamoodiha@gmail.com>
Co-authored-by: Tim O'Farrell <tofarr@gmail.com>
Co-authored-by: Hiep Le <69354317+hieptl@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ryan H. Tran <descience.thh10@gmail.com>
Co-authored-by: Neeraj Panwar <49247372+npneeraj@users.noreply.github.com>
Co-authored-by: sp.wack <83104063+amanape@users.noreply.github.com>
Co-authored-by: Insop <1240382+insop@users.noreply.github.com>
Co-authored-by: test <test@test.com>
Co-authored-by: Engel Nyst <enyst@users.noreply.github.com>
Co-authored-by: Zhonghao Jiang <zhonghao.J@outlook.com>
Co-authored-by: Ray Myers <ray.myers@gmail.com>
2025-08-22 14:02:36 +00:00

43 lines
1.6 KiB
Python
Raw Permalink Blame History

"""Security analyzer that uses LLM-provided risk assessments."""
from typing import Any
from fastapi import Request
from openhands.core.logger import openhands_logger as logger
from openhands.events.action.action import Action, ActionSecurityRisk
from openhands.security.analyzer import SecurityAnalyzer
class LLMRiskAnalyzer(SecurityAnalyzer):
"""Security analyzer that respects LLM-provided risk assessments."""
async def handle_api_request(self, request: Request) -> Any:
"""Handles the incoming API request."""
return {'status': 'ok'}
async def security_risk(self, action: Action) -> ActionSecurityRisk:
"""Evaluates the Action for security risks and returns the risk level.
This analyzer checks if the action has a 'security_risk' attribute set by the LLM.
If it does, it uses that value. Otherwise, it returns UNKNOWN.
"""
# Check if the action has a security_risk attribute set by the LLM
if not hasattr(action, 'security_risk'):
return ActionSecurityRisk.UNKNOWN
security_risk = getattr(action, 'security_risk')
if security_risk in {
ActionSecurityRisk.LOW,
ActionSecurityRisk.MEDIUM,
ActionSecurityRisk.HIGH,
}:
return security_risk
elif security_risk == ActionSecurityRisk.UNKNOWN:
return ActionSecurityRisk.UNKNOWN
else:
# Default to UNKNOWN if security_risk value is not recognized
logger.warning(f'Unrecognized security_risk value: {security_risk}')
return ActionSecurityRisk.UNKNOWN
Reference in New Issue View Git Blame Copy Permalink