System Architecture

How AVIP agents collaborate through an A2A protocol with internal tooling

User Input (CVE, Product, OS, Arch) Gateway API (localhost:8000) REST + WebSocket LLM Provider Gemini / OpenAI / Anthropic WebSocket Event Bus live agent streaming AGENT PIPELINE Research Agent NVD + URL Trust Scoring 3-tier source validation → research.json + .pdf Ingestion Agent OS-specific script gen Windows .ps1 / Linux .sh → ingestion.json + scripts Remediation Agent Plan + priority + rollback Architect + Observer checks → remediation.json + scripts Playbook Agent Combines all outputs LLM analysis → playbook.json + .pdf INTERNAL TOOLS (consumed by agents, not exposed via API) NVD Query Web Scraper File Manager Executor Sink Manager Deep Research Circle CVE URL Validator research.json + .pdf + trust scores ingestion.json + .ps1 / .sh scripts remediation.json + rollback scripts playbook.json + .pdf final report Workspace runs/{run_id}/research + ingestion + remediation + playbook A2A Protocol

The 4 Agents

Research Agent

Queries NVD, validates URLs against trusted sources, scores reliability 0-100

research.jsonresearch.pdf

Ingestion Agent

Generates OS-specific install/remediation scripts per CVE

ingestion.jsonscripts

Remediation Agent

Plans with priority, rollback steps, observer validation checks

remediation.jsonscripts

Playbook Agent

Combines all outputs into a clean, deployable final report

playbook.jsonplaybook.pdf

Internal Tools (7)

ToolUsed ByPurpose
nvd_queryResearchNVD API 2.0 CVE lookup with filtering
web_scraperResearchURL validation + content extraction
file_managerAllRead/write JSON, PDF, scripts
command_executorIngestion, RemediationRun shell commands with safety controls
sink_managerAllCollect artifacts during pipeline
deep_researchResearchCombined NVD + web scraping + analysis
circle_cveResearchEnriched CVE with CVSS normalization

API Endpoints

EndpointDescription
POST /agent/researchRun research pipeline
POST /agent/ingest/{run_id}Generate OS-specific scripts
POST /agent/remediate/{run_id}Create remediation plans
POST /agent/playbook/{run_id}Generate final playbook
POST /pipeline/runFull 4-agent pipeline
POST /pipeline/batchProcess multiple CVEs
GET /runs/{run_id}List files in run workspace
GET /runs/{run_id}/file?path=Read file content
WS /wsLive agent + tool call stream

Source Reliability

Tier 1 — Highest

Official Vendors

NVD, Microsoft, Red Hat, Apache, Google, Apple

+100 score · 30+ domains
Tier 2 — High

Government CERTs

US-CERT, MITRE, NCSC UK, FIRST, Exploit-DB

+70 score · 17 domains
Tier 3 — Medium

Security Research

Tenable, Rapid7, CrowdStrike, Cloudflare

+40 score · 26 domains
Excluded

Blogs & Forums

Medium, Reddit, Dev.to, StackOverflow

-50 score · Excluded

Trust Proof: Every URL includes reliability tier, trust score (0-100), and evidence.

LLM Support

ProviderConfigEnv Variable
Google Geminiprovider: geminiGEMINI_API_KEY
OpenAIprovider: openaiOPENAI_API_KEY
Anthropicprovider: anthropicANTHROPIC_API_KEY
Ollamaprovider: ollamanone

A2A Flow

User Input          Agent Pipeline              Outputs
────────────────────────────────────────────────────────────
CVE, OS, Arch  →  Research Agent    →  research.json + PDF
                      ↓ (NVD, scraper, trust)
                  Ingestion Agent   →  ingestion.json + scripts
                      ↓ (executor, file_manager)
                  Remediation Agent →  remediation.json + scripts
                      ↓ (architect, observer)
                  Playbook Agent    →  playbook.json + PDF
                      ↓
                  WebSocket Bus     →  Live agent + tool logs