{"id":36397774,"url":"https://github.com/GitHubSecurityLab/seclab-taskflows","last_synced_at":"2026-01-18T08:01:07.378Z","repository":{"id":326264042,"uuid":"1104132811","full_name":"GitHubSecurityLab/seclab-taskflows","owner":"GitHubSecurityLab","description":"Example taskflows to use with the GitHub Security Lab Taskflow Agent Framework (https://github.com/GitHubSecurityLab/seclab-taskflow-agent)","archived":false,"fork":false,"pushed_at":"2026-01-13T19:14:24.000Z","size":221,"stargazers_count":0,"open_issues_count":4,"forks_count":2,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-01-13T21:08:37.833Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/GitHubSecurityLab.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":"SECURITY.md","support":"SUPPORT.md","governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-11-25T19:54:27.000Z","updated_at":"2026-01-09T09:39:43.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/GitHubSecurityLab/seclab-taskflows","commit_stats":null,"previous_names":["githubsecuritylab/seclab-taskflows"],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/GitHubSecurityLab/seclab-taskflows","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GitHubSecurityLab%2Fseclab-taskflows","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GitHubSecurityLab%2Fseclab-taskflows/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GitHubSecurityLab%2Fseclab-taskflows/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GitHubSecurityLab%2Fseclab-taskflows/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/GitHubSecurityLab","download_url":"https://codeload.github.com/GitHubSecurityLab/seclab-taskflows/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GitHubSecurityLab%2Fseclab-taskflows/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28533739,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-18T00:39:45.795Z","status":"online","status_checked_at":"2026-01-18T02:00:07.578Z","response_time":98,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-01-11T16:00:23.210Z","updated_at":"2026-01-18T08:01:06.887Z","avatar_url":"https://github.com/GitHubSecurityLab.png","language":"Python","readme":"## SecLab taskflows\n\nThis repository contains example taskflows to use with the [SecLab Taskflow Agent](https://github.com/GitHubSecurityLab/seclab-taskflow-agent), as well as the custom MCP servers that are needed to run the taskflows. To run these taskflows, first create a directory named `data` in `src`. Various environment variables need to be set for the custom MCP servers to store data.\n\n```\nMEMCACHE_STATE_DIR=/app/data\nCODEQL_DBS_BASE_PATH=/app/data\nDATA_DIR=/app/data\nLOG_DIR=/app/logs\n```\n\nThe `MEMCACHE_STATE_DIR` is needed to persist some intermediate data in the memcache, `DATA_DIR` is needed for various mcp servers to store intermediate results, and `LOG_DIR` is used to store log files generated by the servers. These can be set in a `.env` file in the `src` directory.\n\nIf no environment variables are set for the custom MCP servers, relevant folders will be created automatically. The location depends on the platform, and is set by [`platformdirs`](https://pypi.org/project/platformdirs/).\n\nIn addition, AI API endpoints and secrets also needs to be configured via [environment variables or Codespace secrets](https://github.com/GitHubSecurityLab/seclab-taskflow-agent?tab=readme-ov-file#configuration). In particular, the environment variables `AI_API_TOKEN` and `AI_API_ENDPOINT` needs to be set to the approach AI API endpoints and credentials. If not set, the default `AI_API_ENDPOINT` is GitHub models:\n\n```\nAI_API_ENDPOINT=\"https://models.github.ai/inference\"\n```\n\nIn addition, the `GH_TOKEN` environment variable also needs to be set to allow interaction with the GitHub API, such as fetching content, creating issues etc.\n\nThe repo provides a script [`run_seclab_agent.sh`](https://github.com/GitHubSecurityLab/seclab-taskflows/blob/main/src/run_seclab_agent.sh) to run a docker container of the `seclab-taskflow-agent` as outlined [here](https://github.com/GitHubSecurityLab/seclab-taskflow-agent/tree/main?tab=readme-ov-file#deploying-from-docker). Note that this script needs to be run from the `src` directory, and the `.env` file with the environmental variables needs to be in the same directory.\n\nIndividual taskflows may need additional setup, please refer to the `README.md` in the relevant subdirectories for further requirements.\n\n## Background\n\n[SecLab Taskflows](https://github.com/GitHubSecurityLab/seclab-taskflows) is a companion repository to the [SecLab Taskflow Agent](https://github.com/GitHubSecurityLab/seclab-taskflow-agent) repository.\nSecLab Taskflow Agent is an experimental agentic framework maintained by [GitHub Security Lab](https://securitylab.github.com/). This repository provides example taskflows and supporting resources for use with the SecLab Taskflow Agent. We are using the agent and these taskflows to experiment with using AI Agents for security purposes, such as auditing code for vulnerabilities or triaging issues.\n\nWe'd love to hear your feedback. Please [create an issue](https://github.com/GitHubSecurityLab/seclab-taskflows/issues/new/choose) to send us a feature request or bug report. We also welcome pull requests (see our [contribution guidelines](./CONTRIBUTING.md) for more information if you wish to contribute).\n\n## Requirements\n\nPython \u003e= 3.9 or Docker\n\n## License\n\nThis project is licensed under the terms of the [MIT](https://spdx.org/licenses/MIT.html) license. Please refer to the [LICENSE](./LICENSE) file for the full terms.\n\n## Maintainers\n\n[CODEOWNERS](./CODEOWNERS)\n\n## Support\n\n[SUPPORT](./SUPPORT.md)\n\n","funding_links":[],"categories":["Tooling \u0026 Environment"],"sub_categories":["CodeQL AI \u0026 LLM Tooling"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FGitHubSecurityLab%2Fseclab-taskflows","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FGitHubSecurityLab%2Fseclab-taskflows","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FGitHubSecurityLab%2Fseclab-taskflows/lists"}