Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 10 additions & 0 deletions .env.example
Original file line number Diff line number Diff line change
Expand Up @@ -15,13 +15,15 @@ UPLOAD_MAX_FILES=10
PARSER_TIMEOUT_SECONDS=120

# LLM
AGENT_LLM_MODE=
LLM_PROVIDER=ollama
OPENAI_API_KEY=
OPENAI_BASE_URL=
OPENAI_MODEL=gpt-4o-mini
ANTHROPIC_API_KEY=
ANTHROPIC_BASE_URL=
ANTHROPIC_MODEL=claude-3-5-sonnet-latest
ANTHROPIC_AUTH_TOKEN=
QWEN_API_KEY=
QWEN_BASE_URL=https://dashscope.aliyuncs.com/compatible-mode/v1
QWEN_MODEL=qwen-plus
Expand All @@ -36,6 +38,14 @@ LOCAL_BASE_URL=http://localhost:1234/v1
LOCAL_MODEL=local-model
OLLAMA_BASE_URL=http://localhost:11434
OLLAMA_MODEL=llama2
LLM_CONFIG_FILE=./llm_config.json

# Governance policy packs and optional infrastructure
POLICY_PACK_ID=generic-ssdlc
POLICY_PACKS_DIR=./policy_packs
POLICY_PACKS_OVERLAY_DIR=
REDIS_URL=
ENABLE_METRICS=false

# Parser engine: "auto" (docling with legacy fallback), "docling", "legacy"
PARSER_ENGINE=auto
Expand Down
8 changes: 4 additions & 4 deletions .github/ISSUE_TEMPLATE/bug_report.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ assignees: ''

## Description | 描述

**A clear description of the bug.**
**A clear description of the bug.**
简要描述问题现象。

---
Expand All @@ -23,14 +23,14 @@ assignees: ''

## Expected Behaviour | 预期行为

**What you expected to happen.**
**What you expected to happen.**
你期望的结果。

---

## Actual Behaviour | 实际行为

**What actually happened (error message, logs, screenshot if helpful).**
**What actually happened (error message, logs, screenshot if helpful).**
实际发生的情况(错误信息、日志、截图等)。

---
Expand All @@ -46,5 +46,5 @@ assignees: ''

## Additional Context | 其他信息

Any other context, config (redact secrets), or related issues.
Any other context, config (redact secrets), or related issues.
其他相关信息、配置(请脱敏)或相关 Issue。
8 changes: 4 additions & 4 deletions .github/ISSUE_TEMPLATE/feature_request.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,26 +8,26 @@ assignees: ''

## Problem or Use Case | 问题或使用场景

**What problem does this solve, or what use case would it enable?**
**What problem does this solve, or what use case would it enable?**
希望解决什么问题,或支持什么使用场景?

---

## Proposed Solution | 建议方案

**Describe the feature or change you’d like.**
**Describe the feature or change you’d like.**
描述你期望的功能或改动。

---

## Alternatives Considered | 考虑过的其他方案

**Any alternative approaches you’ve thought about.**
**Any alternative approaches you’ve thought about.**
是否考虑过其他实现方式。

---

## Additional Context | 其他信息

Links, references, or examples (e.g. from other tools).
Links, references, or examples (e.g. from other tools).
相关链接、参考或示例(如其他工具的做法)。
4 changes: 2 additions & 2 deletions .github/PULL_REQUEST_TEMPLATE.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
## Description | 描述

**What does this PR do?** (fixes #issue if applicable)
**What does this PR do?** (fixes #issue if applicable)
本 PR 做了什么?(若关联 Issue 请写 fixes #编号)

---
Expand All @@ -16,7 +16,7 @@

## How to Verify | 如何验证

**Steps to test the change** (e.g. run tests, manual check).
**Steps to test the change** (e.g. run tests, manual check).
验证步骤(如运行测试、手动检查)。

---
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ jobs:
runs-on: ubuntu-latest
strategy:
matrix:
python-version: ["3.10", "3.11"]
python-version: ["3.11"]

steps:
- uses: actions/checkout@v7
Expand Down
12 changes: 12 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,8 @@ env/
# Environment and secrets
.env
.env.local
llm_config.json
backend/llm_config.json
*.pem

# IDE
Expand All @@ -41,11 +43,21 @@ env/
# AI tooling
.claude/
.trae/
_pallasguard_src/

# Data and persistence
data/
database.db
*.db
chroma/
uploads/
app/uploads/
frontend/uploads/
knowledge_base/uploads/
policy_packs/private/
policy_packs/local/
policy_packs/*-internal/
policy_packs/*-private/

# Logs and cache
*.log
Expand Down
53 changes: 42 additions & 11 deletions ARCHITECTURE.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,23 +17,23 @@

## Overview | 概述

DocSentinel is an **AI-powered SSDLC (Secure Software Development Lifecycle) platform** that automates security activities across all six phases of the software development lifecycle. Built on **LangChain** and **LangGraph**, the system orchestrates phase-specific AI agents to perform security assessments of documents, questionnaires, and reports — from requirements analysis and threat modeling to vulnerability monitoring and incident response — providing stateful, graph-based agent workflows with stage-aware routing. This document describes the **system architecture**: high-level design, components, data flow, integrations, and deployment. For product goals and requirements, see [SPEC.md](./SPEC.md).
DocSentinel is an **AI-powered SSDLC (Secure Software Development Lifecycle) platform** that automates security activities across all six phases of the software development lifecycle. Built on **LangChain** and **LangGraph**, the system orchestrates phase-specific AI agents to perform security assessments of documents, questionnaires, and reports — from requirements analysis and threat modeling to vulnerability monitoring and incident response — providing stateful, graph-based agent workflows with stage-aware routing. The PallasGuard merge adds policy-pack governance, Gate 1/3 workflows, control evidence, submissions, audit trails, and Pallas Lens readiness scoring on the same FastAPI, SQLModel, Alembic, RAG, and React console foundation. This document describes the **system architecture**: high-level design, components, data flow, integrations, and deployment. For product goals and requirements, see [SPEC.md](./SPEC.md).

---

## Goals & Context | 目标与背景

- **Goal**: Provide AI-assisted security coverage across the entire SSDLC — Requirements, Design, Development, Testing, Deployment, and Operations — reducing manual effort for security teams while improving coverage and consistency. Automate first-pass assessment of security-related documents (questionnaires, design docs, compliance evidence) and produce structured reports (risks, compliance gaps, remediations).
- **Context**: Enterprise security teams must embed security into every phase of delivery (Shift-Left), aligned with frameworks like NIST SSDF, OWASP SAMM, Microsoft SDL, and SOC2. The system provides phase-specific agents orchestrated by LangGraph, a unified knowledge base (RAG) with phase-specific collections, multi-format parsing, pluggable LLMs (cloud or local) via LangChain, and **SSDLC-aware assessment pipelines**.
- **Context**: Enterprise security teams must embed security into every phase of delivery (Shift-Left), aligned with frameworks like NIST SSDF, OWASP SAMM, Microsoft SDL, and SOC2. The system provides phase-specific agents orchestrated by LangGraph, a unified knowledge base (RAG) with phase-specific collections, multi-format parsing, pluggable LLMs (cloud or local) via LangChain, **SSDLC-aware assessment pipelines**, and governance controls generated from public policy packs.

---

## High-Level Architecture | 高层架构

The system is organized in layers: **React Console / REST / Agent Gateway** →
**Shared Assessment Service** → **SSDLC Orchestration (LangGraph)** → **Core
Services** → **LLM Abstraction** → **LLM Backends**. MCP and A2A are adapters,
not alternate paths around application policy.
**Shared Assessment Service and Governance APIs** → **SSDLC Orchestration
(LangGraph)** → **Core Services** → **LLM Abstraction** → **LLM Backends**.
MCP and A2A are adapters, not alternate paths around application policy.

![DocSentinel Architecture Overview](docsentinel_architecture.png)

Expand Down Expand Up @@ -71,6 +71,12 @@ flowchart TB
Mem["Memory"]
Skill["Skills"]
end
subgraph Governance["Governance Domain"]
Projects["Projects"]
Controls["Policy-Pack\nControls"]
Gate["Gate 1/3\nSubmissions"]
Lens["Pallas Lens"]
end
subgraph LLM["LLM Layer (LangChain)"]
Abst["LLM Abstraction"]
end
Expand All @@ -94,6 +100,10 @@ flowchart TB
A2A --> Gateway
API --> Tasks
Gateway --> Tasks
API --> Projects
Projects --> Controls
Projects --> Gate
Projects --> Lens
Tasks --> Router
Router --> A1
Router --> A2
Expand All @@ -105,6 +115,7 @@ flowchart TB
A1 & A2 & A3 & A4 & A5 & A6 --> KB
A1 & A2 & A3 & A4 & A5 & A6 --> Parser
A1 & A2 & A3 & A4 & A5 & A6 --> Skill
A1 & A2 & A3 & A4 & A5 & A6 --> Controls
A1 & A2 & A3 & A4 & A5 & A6 --> Abst
Abst --> Cloud
Abst --> Local
Expand Down Expand Up @@ -182,7 +193,8 @@ stateDiagram-v2
- **Shared Assessment Service**: Owns task state, activity, remediation
tracking, and calls into LangGraph for REST, MCP, and A2A alike.
- **React Console**: FastAPI serves the production Vite build at `/console`; the
console covers assessment, evidence, knowledge-base, skill, and runtime workflows.
console covers assessment, governance, evidence, knowledge-base, skill, and
runtime workflows.
- **Current boundary**: Authentication (AAD/JWT), tenant isolation, and rate limiting
remain future enterprise controls and are not yet wired into endpoints.

Expand All @@ -197,14 +209,33 @@ stateDiagram-v2
- Assessment submission is **non-blocking** — returns task_id immediately, processes in background.
- Singleton `KnowledgeBaseService` and cached LLM client shared across requests.

### 3. Memory | 记忆体
### 3. Governance Domain | 治理域

- **Projects**: `GovernanceProject` records organize risk tier, review mode,
system context, selected compliance frameworks, and control profile.
- **Policy packs**: `generic-ssdlc`, `framework-template`, and eight public
overlays generate applicable controls and expected evidence. Private/local
packs are intentionally ignored by git and excluded from the merge.
- **Controls and evidence**: Control instances preserve framework IDs,
normalized requirements, applicability, status, confidence, and evidence
links without replacing the existing assessment report model.
- **Gate workflows**: Questionnaires, submissions, approvals, and audit
events model Gate 1/3 review steps for client, security reviewer, and
approver roles.
- **Pallas Lens**: A scoring service summarizes readiness, evidence depth,
posture, dimension scores, and next actions for each project.
- **Persistence**: Governance tables use SQLModel and Alembic migrations under
`alembic/versions/`, while local development can still rely on
`ENABLE_CREATE_ALL=true`.

### 4. Memory | 记忆体

- **Working memory**: LangGraph shared state (`SSDLCState`) persisted via checkpointing.
- **Cross-phase context**: Findings from earlier phases are carried forward automatically (e.g. Design threats → Testing test cases).
- **History reuse**: Past assessment reports are indexed into a dedicated Chroma collection and retrieved as context for new assessments.
- **Status**: LangGraph `MemorySaver` for MVP; database-backed checkpointer for production.

### 4. Skills & Personas | 技能与角色
### 5. Skills & Personas | 技能与角色

- **Persona-based Assessment**: Defines "who" is assessing (e.g. ISO 27001 Auditor vs. AppSec Engineer).
- **Built-in Persona Skills**: 4 hardcoded personas (ISO 27001 Auditor, AppSec Engineer, GDPR DPO, Cloud Architect) in `skills_registry.py`.
Expand All @@ -219,7 +250,7 @@ stateDiagram-v2
- **Custom Skills**: File-backed (`data/skills.json`) CRUD via REST API.
- **Dynamic Orchestration**: LangGraph injects skill-specific context into RAG queries and LLM prompts based on the selected persona and SSDLC stage.

### 5. Knowledge Base (RAG) | 知识库
### 6. Knowledge Base (RAG) | 知识库

- **Vector Store**: ChromaDB for chunk-level similarity search (sentence-transformers embeddings).
- **Graph RAG**: LightRAG for entity-relationship aware retrieval (controls → policies → vulnerabilities → threats). Enabled via `ENABLE_GRAPH_RAG` config.
Expand All @@ -234,15 +265,15 @@ stateDiagram-v2
- **History Reuse**: Indexes past assessment responses into a dedicated Chroma collection.
- **Singleton**: Single `KnowledgeBaseService` instance shared across the application lifecycle.

### 6. Parser | 文件解析
### 7. Parser | 文件解析

- **Primary engine**: Docling — preserves tables, headings, and supports OCR for scanned PDFs. Outputs structured Markdown.
- **Fallback engine**: Legacy parsers (PyMuPDF, python-docx, openpyxl, python-pptx) for when Docling is unavailable.
- **SAST/DAST Report Parsers**: Dedicated parsers for SARIF format, SonarQube JSON, Checkmarx XML, Burp Suite XML, OWASP ZAP reports.
- **Engine selection**: Configurable via `PARSER_ENGINE` (`auto` / `docling` / `legacy`). `auto` tries Docling first, falls back to legacy.
- Shared pipeline for both assessment input and KB document ingestion.

### 7. LLM Abstraction (LangChain) | LLM 抽象层
### 8. LLM Abstraction (LangChain) | LLM 抽象层

- Single interface for chat/completion via **LangChain** (`ChatOpenAI` / `ChatOllama`).
- LangChain is also the foundation for LangGraph agent nodes — each node uses LangChain's `Runnable` interface.
Expand Down
28 changes: 27 additions & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,25 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).

---

## [Unreleased]
## [Unreleased] — PallasGuard merge

### Added
- Governance domain model and Alembic migrations for projects, submissions,
control instances, questionnaires, audit trails, prompt audit records, and
sub-agent runs.
- Policy-pack driven governance with `generic-ssdlc`, framework templates, and
eight public compliance overlays: NIST SSDF, MAS TRM, ISO 27001:2022,
EU AI Act, ISO 42001, China MLPS 2.0, OWASP SAMM, and EU CRA.
- Governance APIs for projects, controls, evidence, submissions,
questionnaires, schema discovery, Pallas Lens scoring, sub-agent tracking,
and JWT login.
- React governance portal with project creation, framework overlay selection,
control evidence capture, Pallas Lens readiness scoring, and sub-agent run
visibility.
- Excel/offline governance helpers and a single knowledge-base ingestion entry
that writes to Chroma, Graph RAG, and the lightweight lexical knowledge graph.
- Optional Postgres/Redis Docker Compose `full` profile and opt-in
Prometheus metrics wiring through `ENABLE_METRICS`.
- MCP Streamable HTTP and A2A 1.0 JSON-RPC agent endpoints backed by a shared
assessment task service and visible in the Agent Integrations console.
- Loopback-only defaults, optional bearer protection, A2A Agent Card discovery,
Expand All @@ -20,6 +36,12 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
- v5 product trust RFC and architecture, evidence-model, and frontend-design ADRs.

### Changed
- Converged orchestration on LangGraph while keeping DocSentinel's assessment
task lifecycle, report contracts, and existing API surface intact.
- Converged LLM access on the DocSentinel provider abstraction with
LangChain 1.x compatible clients and Anthropic-compatible mode support.
- Moved governance additions into new modules/functions where names overlapped
with existing DocSentinel core modules.
- Unified REST, MCP, and A2A assessment submissions behind one task lifecycle;
agent submissions always require human review.
- Updated the assessment report model to the v2 contract, including finding-level
Expand All @@ -30,6 +52,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
official CPU-only PyTorch wheels for practical private deployment.

### Security
- Excluded private/local policy-pack material from the merge and retained the
final sensitive-content grep gate in `docs/merge/EXCLUSIONS.md`.
- Added bcrypt 5 compatibility fallback for JWT password verification while
preserving the existing passlib-first security path.
- Constrained MCP `assess_document.file_path` reads to configured `MCP_DOCUMENT_ROOTS`
before opening files, including symlink escape protection and pre-read extension
validation.
Expand Down
20 changes: 17 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
<p align="center">
<a href="https://github.com/arthurpanhku/DocSentinel/releases"><img src="https://img.shields.io/github/v/release/arthurpanhku/DocSentinel?include_prereleases" alt="Latest release"/></a>
<a href="https://github.com/arthurpanhku/DocSentinel/blob/main/LICENSE"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="License: MIT"/></a>
<a href="https://www.python.org/downloads/"><img src="https://img.shields.io/badge/python-3.10+-blue.svg" alt="Python 3.10+"/></a>
<a href="https://www.python.org/downloads/"><img src="https://img.shields.io/badge/python-3.11+-blue.svg" alt="Python 3.11+"/></a>
<a href="https://github.com/arthurpanhku/DocSentinel"><img src="https://img.shields.io/badge/GitHub-arthurpanhku%2FDocSentinel--Agent-24292e?logo=github" alt="GitHub repo"/></a>
<a href="docs/06-agent-integration.md"><img src="https://img.shields.io/badge/MCP-Ready-green?logo=anthropic" alt="MCP Ready"/></a>
<a href="docs/06-agent-integration.md"><img src="https://img.shields.io/badge/A2A-1.0-blueviolet" alt="A2A 1.0"/></a>
Expand Down Expand Up @@ -167,6 +167,20 @@ Submit security questionnaires, design documents, or audit reports. DocSentinel
- **Compliance Gaps**: Missing controls against frameworks like ISO 27001, PCI DSS.
- **Remediation Steps**: Actionable advice to fix identified issues.

### Governance & Compliance Workflows
PallasGuard governance capabilities are merged into DocSentinel as first-class
project workflows:
- **Policy packs**: `generic-ssdlc` plus eight public overlays for NIST SSDF,
MAS TRM, ISO 27001:2022, EU AI Act, ISO 42001, China MLPS 2.0, OWASP SAMM,
and EU CRA.
- **Gate workflows**: Gate 1/3 questionnaire, submission, approval, audit, and
evidence tracking flows backed by SQLModel and Alembic migrations.
- **Control generation**: Framework overlays generate applicable SCD controls
and expected evidence without replacing DocSentinel's existing assessment
engine.
- **Pallas Lens**: Project readiness scoring summarizes control coverage,
evidence depth, and next actions in the React governance portal.

### Intelligent Agent Orchestration (LangGraph)
- **Stateful workflows**: LangGraph state machine maintains context across phases
- **Cross-phase traceability**: Threats from Design link to test cases in Testing and monitoring rules in Operations
Expand Down Expand Up @@ -305,7 +319,7 @@ To connect an external agent through the published Docker port, set

### Option B: Manual Setup

**Prerequisites**: **Python 3.10+** and **Node.js 20+**. Optional:
**Prerequisites**: **Python 3.11+** and **Node.js 20+**. Optional:
[Ollama](https://ollama.ai) (`ollama pull llama2`).

```bash
Expand Down Expand Up @@ -477,7 +491,7 @@ DocSentinel/
| **Vector Store** | ChromaDB + LightRAG | Hybrid vector + graph RAG |
| **Parsing** | Docling + legacy fallback | Multi-format document parsing |
| **LLM Providers** | OpenAI, Anthropic, Qwen, DeepSeek, Ollama, OpenAI-compatible APIs | Cloud and local LLM support |
| **Language** | Python 3.10+ | Primary development language |
| **Language** | Python 3.11+ | Primary development language |

---

Expand Down
2 changes: 2 additions & 0 deletions README_de.md
Original file line number Diff line number Diff line change
Expand Up @@ -116,6 +116,8 @@ flowchart TB
| **Parsing** | Word, PDF, Excel, PPT, Text → Markdown/JSON. |
| **Wissensdatenbank** | Multi-Format-Upload, Chunking, Vektorisierung (Chroma), RAG-Abfrage. |
| **Bewertung** | Dateien einreichen → strukturierter Bericht (Risiken, Lücken, Maßnahmen). |
| **Governance** | Projektkontrollen, Gate 1/3-Fragebögen, Einreichungen, Freigaben und Audit-Trails. |
| **Pallas Lens** | Bereitschaftsscore, Evidenzabdeckung und nächste Maßnahmen je Projekt. |
| **LLM** | Konfigurierbarer Anbieter: **Ollama** (lokal), OpenAI, usw. |
| **API** | REST API & **MCP Server** für Agenten-Integration. |
| **Sicherheit** | Eingebautes RBAC, Audit-Logs und Schutz vor Prompt Injection. |
Expand Down
Loading