LLMs for Application Security - From Prompts to Agents

A small sample application showing the capabilities of LLMs for application security.

We go from prompts to agents to show how agents can investigate code and find vulnerabilities.

Running

Create a .env file with the following variables:

OPENAI_API_KEY=<your openai api key>

Run the following command to start the application:

bundle install
bundle exec ruby main.rb

src/ contains the code for the application -- src/prompts.rb contains the prompts for the LLMs -- src/tools.rb contains the tools for the LLMs -- src/openai.rb contains the OpenAI API client
example/ contains the example code for the application -- example/few_shot/ contains the example code for the few shot prompt -- example/zero_shot/ contains the example code for the zero shot prompt
example/agent/ contains the example code for the agent

Copy the code from agent.txt into the main.rb file

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
example		example
src		src
.gitignore		.gitignore
.tool-versions		.tool-versions
Enhancing AppSec Reviews with LLMs_ From Prompts to Agents.pdf		Enhancing AppSec Reviews with LLMs_ From Prompts to Agents.pdf
Gemfile		Gemfile
Gemfile.lock		Gemfile.lock
LICENSE		LICENSE
README.md		README.md
agent.txt		agent.txt