{"id":51465387,"url":"https://github.com/vnageshwaran-de/agentic-iot-security","last_synced_at":"2026-07-06T10:30:31.709Z","repository":{"id":365392462,"uuid":"1252963503","full_name":"vnageshwaran-de/agentic-iot-security","owner":"vnageshwaran-de","description":"Prompt templates, single-agent ReAct and multi-agent reference loops, and an Edge-IIoTset eval harness — companion to our Electronics 2026 IoT-security survey.","archived":false,"fork":false,"pushed_at":"2026-06-17T05:38:54.000Z","size":95,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-17T07:21:00.166Z","etag":null,"topics":["agentic-ai","cybersecurity","edge-computing","iot-security","llm-agents","multi-agent-systems","prisma","prompt-injection","react-agent","systematic-survey"],"latest_commit_sha":null,"homepage":"https://www.mdpi.com/journal/electronics","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/vnageshwaran-de.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-05-29T03:25:28.000Z","updated_at":"2026-06-17T05:38:57.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/vnageshwaran-de/agentic-iot-security","commit_stats":null,"previous_names":["vnageshwaran-de/agentic-iot-security"],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/vnageshwaran-de/agentic-iot-security","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vnageshwaran-de%2Fagentic-iot-security","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vnageshwaran-de%2Fagentic-iot-security/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vnageshwaran-de%2Fagentic-iot-security/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vnageshwaran-de%2Fagentic-iot-security/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/vnageshwaran-de","download_url":"https://codeload.github.com/vnageshwaran-de/agentic-iot-security/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vnageshwaran-de%2Fagentic-iot-security/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":35187624,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-07-06T02:00:07.184Z","response_time":106,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agentic-ai","cybersecurity","edge-computing","iot-security","llm-agents","multi-agent-systems","prisma","prompt-injection","react-agent","systematic-survey"],"created_at":"2026-07-06T10:30:31.072Z","updated_at":"2026-07-06T10:30:31.702Z","avatar_url":"https://github.com/vnageshwaran-de.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Agentic IoT Security Lab\n\nCompanion code artifact for the survey **\"Agentic AI and Large Language Models for Autonomous IoT Cybersecurity: A Systematic Survey, Taxonomy, and Research Roadmap\"**.\n\nThis repository operationalises the four-pillar taxonomy from Section 5 of the manuscript by providing:\n\n- **`/prompts`** — reusable system-prompt templates and JSON tool schemas for each action scope (anomaly interpretation, response orchestration, threat hunting, vulnerability discovery, deception).\n- **`/core_loops`** — minimal, reproducible Python reference implementations of a single-agent ReAct loop and three multi-agent coordination patterns (pipeline, debate, blackboard).\n- **`/evaluation`** — benchmark harness that runs an agent against Edge-IIoTset-style traffic, recording detection accuracy and end-to-end latency, plus an adversarial harness that injects prompt-injection probes.\n- **`/data`** — placeholder for downloaded datasets (not redistributed).\n\n\u003e The repository is intended as scaffolding: every file is fully runnable, but is deliberately kept under ~150 lines per module so it can be adapted in a single afternoon.\n\n---\n\n## Quick start\n\n```bash\npython3 -m venv .venv \u0026\u0026 source .venv/bin/activate\npip install -r requirements.txt\n\n# Run the single-agent ReAct loop against a stub LLM and stub tools.\npython core_loops/react_agent.py --model stub\n\n# Run the three multi-agent patterns.\npython core_loops/multi_agent.py --pattern pipeline\npython core_loops/multi_agent.py --pattern debate\npython core_loops/multi_agent.py --pattern blackboard\n\n# Run the evaluation harness on synthetic Edge-IIoTset rows.\npython evaluation/benchmark.py --rows 200\n\n# Run the adversarial prompt-injection harness.\npython evaluation/adversarial.py --probes 25\n```\n\nThe default `--model stub` backend implements deterministic responses so the harness runs offline. To target a real LLM, set `--model openai|anthropic|llamacpp` and the corresponding API key/path.\n\n## Project layout\n\n```\n.\n├── README.md\n├── requirements.txt\n├── prompts/\n│   ├── anomaly_interpretation.md\n│   ├── response_orchestration.md\n│   ├── threat_hunting.md\n│   ├── vulnerability_discovery.md\n│   ├── deception.md\n│   └── tool_schemas.json\n├── core_loops/\n│   ├── react_agent.py\n│   ├── multi_agent.py\n│   └── utils.py\n├── evaluation/\n│   ├── benchmark.py\n│   ├── adversarial.py\n│   ├── metrics.py\n│   └── datasets.py\n└── data/.gitkeep\n```\n\n## Mapping to the manuscript taxonomy\n\n| Taxonomy dimension | Where in this repo |\n|---|---|\n| Pillar I — Agent architecture | `core_loops/react_agent.py`, `core_loops/multi_agent.py` |\n| Pillar II — Reasoning strategy | ReAct loop in `react_agent.py`; reflection helpers in `utils.py` |\n| Pillar III — Action scope | `prompts/*.md`, `prompts/tool_schemas.json` |\n| Pillar IV — Deployment topology | `--topology edge\\|fog\\|cloud` flag toggles model size and tool-set in `benchmark.py` |\n\n## License\n\nMIT. See `LICENSE`.\n\n## Citation\n\nIf you build on this repository, please cite the companion survey (full BibTeX entry in the manuscript references).\n\n---\n\n## What's new in v0.2.0\n\n- **`evaluation/probes/PROVENANCE.md`** — full provenance map for the 25 prompt-injection probes (12 CyberSecEval 3, 6 Greshake et al. ACM AISec 2023, 7 author-generated IoT-specific).\n- **`core_loops/multi_agent/` is now a package**, with `sanitize.py` shipping the two-stage syntactic + semantic inter-agent input filter described in §10.3 of the manuscript.\n- **`evaluation/sample_runs/`** — reproducible outputs from the deterministic stub mode that back the validation numbers cited in §10.3 (binary F1 = 0.83, multi-class macro F1 = 0.54, sub-microsecond stub latency on a 5,000-row run).\n- **`PROMPT_INJECTION_PROBES`** in `core_loops/utils.py` expanded from 5 to 25 entries to match the provenance map.\n\n## What's new since v0.2.0 (Round-1 revision alignment)\n\n- **`corpus/`** — new directory shipping the PRISMA corpus materials referenced in §§3.4–3.5 and 10 of the manuscript: the coded extraction matrix (`extraction_matrix.csv`) and the search-strategy / screening documentation (`search_strategy.md`). The matrix currently contains the rows backing the revised manuscript's quantified counts (compound failure modes: 5 of 153, §8.2; false-discovery-rate reporting: 2 of 13, §5.3.4); remaining rows are being populated from the screening records — see `corpus/README.md`.\n- **Stub-run docs updated** — the sanity-check run description moved from §10.3 to Appendix A in the revised manuscript; `evaluation/sample_runs/README.md` now states explicitly that stub figures validate harness functionality only (no language model involved).\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvnageshwaran-de%2Fagentic-iot-security","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvnageshwaran-de%2Fagentic-iot-security","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvnageshwaran-de%2Fagentic-iot-security/lists"}