agentic-threat-hunting-framework 0.4.0__tar.gz → 0.5.1__tar.gz

{agentic_threat_hunting_framework-0.4.0/agentic_threat_hunting_framework.egg-info → agentic_threat_hunting_framework-0.5.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: agentic-threat-hunting-framework
-Version: 0.4.0
+Version: 0.5.1
 Summary: Agentic Threat Hunting Framework - Memory and AI for threat hunters
 Author-email: Sydney Marrone <athf@nebulock.io>
 Maintainer-email: Sydney Marrone <athf@nebulock.io>

{agentic_threat_hunting_framework-0.4.0 → agentic_threat_hunting_framework-0.5.1/agentic_threat_hunting_framework.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: agentic-threat-hunting-framework
-Version: 0.4.0
+Version: 0.5.1
 Summary: Agentic Threat Hunting Framework - Memory and AI for threat hunters
 Author-email: Sydney Marrone <athf@nebulock.io>
 Maintainer-email: Sydney Marrone <athf@nebulock.io>

{agentic_threat_hunting_framework-0.4.0 → agentic_threat_hunting_framework-0.5.1}/agentic_threat_hunting_framework.egg-info/SOURCES.txt

@@ -23,6 +23,7 @@ assets/athf_manual_v_ai.png
 athf/__init__.py
 athf/__version__.py
 athf/cli.py
+athf/plugin_system.py
 athf/agents/__init__.py
 athf/agents/base.py
 athf/agents/llm/__init__.py

{agentic_threat_hunting_framework-0.4.0 → agentic_threat_hunting_framework-0.5.1}/athf/agents/base.py

@@ -1,4 +1,4 @@
-"""Base classes for hunt-vault agents."""
+"""Base classes for ATHF agents."""
 
 import os
 from abc import ABC, abstractmethod
@@ -89,6 +89,8 @@ class LLMAgent(Agent[InputT, OutputT]):
     ) -> None:
         """Log LLM call metrics to centralized tracker.
 
+        Override this method in subclasses or plugins to implement custom metrics tracking.
+
         Args:
             agent_name: Name of the agent (e.g., "hypothesis-generator")
             model_id: Bedrock model ID
@@ -97,19 +99,8 @@ class LLMAgent(Agent[InputT, OutputT]):
             cost_usd: Estimated cost in USD
             duration_ms: Call duration in milliseconds
         """
-        try:
-            from athf.core.metrics_tracker import MetricsTracker  # type: ignore[import-not-found]
-
-            MetricsTracker.get_instance().log_bedrock_call(
-                agent=agent_name,
-                model_id=model_id,
-                input_tokens=input_tokens,
-                output_tokens=output_tokens,
-                cost_usd=cost_usd,
-                duration_ms=duration_ms,
-            )
-        except Exception:
-            pass  # Never fail agent execution due to metrics logging
+        # No-op by default. Override in plugins for custom metrics tracking.
+        pass
 
     def _get_llm_client(self) -> Any:
         """Get AWS Bedrock runtime client for Claude models.
@@ -125,7 +116,7 @@ class LLMAgent(Agent[InputT, OutputT]):
             return None
 
         try:
-            import boto3  # type: ignore[import-untyped]
+            import boto3
 
             # Get AWS region from environment or use default
             region = os.getenv("AWS_REGION", os.getenv("AWS_DEFAULT_REGION", "us-east-1"))

{agentic_threat_hunting_framework-0.4.0 → agentic_threat_hunting_framework-0.5.1}/athf/cli.py

@@ -95,8 +95,16 @@ cli.add_command(similar)
 # Agent commands
 cli.add_command(agent)
 
-# Integration commands
-cli.add_command(splunk)
+# Integration commands (optional, requires additional dependencies)
+if splunk is not None:
+    cli.add_command(splunk)
+
+# Load and register plugins
+from athf.plugin_system import PluginRegistry
+
+PluginRegistry.load_plugins()
+for name, cmd in PluginRegistry._commands.items():
+    cli.add_command(cmd, name=name)
 
 
 @cli.command(hidden=True)

{agentic_threat_hunting_framework-0.4.0 → agentic_threat_hunting_framework-0.5.1}/athf/commands/__init__.py

@@ -7,7 +7,12 @@ from athf.commands.init import init
 from athf.commands.investigate import investigate
 from athf.commands.research import research
 from athf.commands.similar import similar
-from athf.commands.splunk import splunk
+
+# Optional: Splunk integration (requires requests package)
+try:
+    from athf.commands.splunk import splunk
+except ImportError:
+    splunk = None  # type: ignore[assignment]
 
 __all__ = [
     "init",

{agentic_threat_hunting_framework-0.4.0 → agentic_threat_hunting_framework-0.5.1}/athf/commands/similar.py

@@ -132,8 +132,8 @@ def _find_similar_hunts(
 ) -> List[Dict[str, Any]]:
     """Find similar hunts using TF-IDF similarity."""
     try:
-        from sklearn.feature_extraction.text import TfidfVectorizer  # type: ignore[import-untyped]
-        from sklearn.metrics.pairwise import cosine_similarity  # type: ignore[import-untyped]
+        from sklearn.feature_extraction.text import TfidfVectorizer
+        from sklearn.metrics.pairwise import cosine_similarity
     except ImportError:
         console.print("[red]Error: scikit-learn not installed[/red]")
         console.print("[dim]Install with: pip install scikit-learn[/dim]")

{agentic_threat_hunting_framework-0.4.0 → agentic_threat_hunting_framework-0.5.1}/athf/core/web_search.py

@@ -84,7 +84,7 @@ class TavilySearchClient:
         """Get or create Tavily client instance."""
         if self._client is None:
             try:
-                from tavily import TavilyClient  # type: ignore[import-not-found]
+                from tavily import TavilyClient
 
                 self._client = TavilyClient(api_key=self.api_key)
             except ImportError:

agentic_threat_hunting_framework-0.5.1/athf/plugin_system.py

@@ -0,0 +1,48 @@
+"""Plugin system for ATHF extensions."""
+from typing import Dict, Type, Callable
+import importlib.metadata
+from click import Command
+
+
+class PluginRegistry:
+    """Central registry for ATHF plugins."""
+
+    _agents: Dict[str, Type] = {}
+    _commands: Dict[str, Command] = {}
+
+    @classmethod
+    def register_agent(cls, name: str, agent_class: Type) -> None:
+        """Register an agent plugin."""
+        cls._agents[name] = agent_class
+
+    @classmethod
+    def register_command(cls, name: str, command: Command) -> None:
+        """Register a CLI command plugin."""
+        cls._commands[name] = command
+
+    @classmethod
+    def get_agent(cls, name: str) -> Type:
+        """Get registered agent by name."""
+        return cls._agents.get(name)
+
+    @classmethod
+    def get_command(cls, name: str) -> Command:
+        """Get registered command by name."""
+        return cls._commands.get(name)
+
+    @classmethod
+    def load_plugins(cls) -> None:
+        """Auto-discover and load all installed plugins."""
+        try:
+            for ep in importlib.metadata.entry_points(group='athf.commands'):
+                command = ep.load()
+                cls.register_command(ep.name, command)
+        except Exception:
+            pass  # No plugins installed yet
+
+        try:
+            for ep in importlib.metadata.entry_points(group='athf.agents'):
+                agent = ep.load()
+                cls.register_agent(ep.name, agent)
+        except Exception:
+            pass  # No plugins installed yet

{agentic_threat_hunting_framework-0.4.0 → agentic_threat_hunting_framework-0.5.1}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "agentic-threat-hunting-framework"
-version = "0.4.0"
+version = "0.5.1"
 description = "Agentic Threat Hunting Framework - Memory and AI for threat hunters"
 readme = {file = "README.md", content-type = "text/markdown"}
 requires-python = ">=3.8"
@@ -149,6 +149,20 @@ strict_equality = true
 module = "tests.*"
 disallow_untyped_defs = false
 
+# Ignore missing imports for optional dependencies
+[[tool.mypy.overrides]]
+module = [
+    "boto3",
+    "boto3.*",
+    "tavily",
+    "tavily.*",
+    "sklearn.*",
+    "requests",
+    "requests.*",
+    "athf.core.metrics_tracker"
+]
+ignore_missing_imports = true
+
 [tool.pytest.ini_options]
 testpaths = ["tests"]
 python_files = ["test_*.py"]