"Security decisions in seconds" - Aegis is an AI-powered security assessment platform that automates vendor trust evaluations. It generates instant, source-grounded reports with transparent trust scores, and includes an interactive chat agent to provide further insights and answer specific questions, enabling security teams to make fast, informed decisions.
Aegis consists of two main components:
- Web Client (`junction-app/`) - A Next.js web application providing an easy-to-use interface to evaluate products, discuss the evaluation with an agent, and a vault giving oversight over prior scoring.
- Deep Research Agent (`deep_security/`) - An agent built on OpenAI and LangGraph, using various specialist APIs to thoroughly investigate the submitted product.
- Firebase Auth + Profiles - Email/password and Google SSO with enriched user metadata captured in Firestore.
- Submission Hub - Text prompt + binary upload workflow for requesting assessments.
- Multi-LLM Research Agent - Configurable OpenAI/Anthropic stacks for summarize → research → compress → report loops.
- Search + MCP Integrations - Pluggable Tavily, OpenAI native search, Anthropic native search, and custom MCP toolchains.
- Reports Vault - High-signal trust brief cards with risk tags, source counts, and sharing links.
- Benchmark Harness - Pre-wired Deep Research Bench evaluation scripts to validate agent quality.
```
junction-hack/
├── junction-app/                # Next.js frontend
│   ├── app/                     # App Router routes (landing, auth, dashboard, reports)
│   ├── components/              # Shared UI (AppChrome, landing sections)
│   ├── contexts/AuthContext.tsx # Client-side auth/session provider
│   ├── lib/firebase.ts          # Firebase initialization
│   ├── public/                  # Static assets
│   └── README.md
├── deep_security/               # LangGraph / Open Deep Research backend
│   ├── src/open_deep_research/  # Config + runtime
│   ├── src/security/            # Auth helpers
│   ├── tests/                   # Benchmark + evaluation scripts
│   ├── README.md
│   └── pyproject.toml
└── example_data.csv             # Sample assessment data
```
Modern App Router experience focusing on security analyst workflows:
- Tech Stack: Next.js 15, TypeScript, Tailwind, shadcn/ui, Lucide icons.
- Auth Flow: `AuthContext` wraps Firebase Auth and guards the dashboard and reports routes.
- Key Screens:
  - Landing page with hero/demo/trust-score highlights.
  - `/auth` - multi-step login/register with Google SSO fallback.
  - `/dashboard` - submission form (text + file upload) and quick links to reports.
  - `/reports` - gallery of trust briefs with status, sources, and risk chips.
LangGraph-backed agent toolbox housed in `deep_security/`:
- Configuration Surface: `src/open_deep_research/configuration.py` exposes sliders/toggles for structured-output retries, concurrency, model choices, search providers, and MCP settings.
- Model Pipeline: Separate slots for summarization, researcher, compression, and final-report models (defaults to OpenAI `gpt-4.1`/`gpt-4.1-mini`, but swappable to Anthropic, GPT-5, etc.).
- Search & MCP: Built-in support for Tavily, OpenAI native, and Anthropic native search, plus external MCP servers for custom tools/data.
- Evaluation: `tests/run_evaluate.py` and `tests/extract_langsmith_data.py` automate Deep Research Bench submissions (LangSmith integration).
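To illustrate the per-stage model slots, here is a minimal sketch of how stage models might be resolved from environment variables with the documented defaults. The field names, the `provider:model` string format, and `load_stage_models` are illustrative assumptions; the actual configuration surface lives in `src/open_deep_research/configuration.py`.

```python
import os
from dataclasses import dataclass


@dataclass
class StageModels:
    """Illustrative container for the four model slots described above."""
    summarization: str
    research: str
    compression: str
    final_report: str


def load_stage_models(env=os.environ) -> StageModels:
    # Fall back to the documented gpt-4.1 / gpt-4.1-mini defaults when no
    # override is set; any provider:model string could be swapped in.
    return StageModels(
        summarization=env.get("SUMMARIZATION_MODEL", "openai:gpt-4.1-mini"),
        research=env.get("RESEARCH_MODEL", "openai:gpt-4.1"),
        compression=env.get("COMPRESSION_MODEL", "openai:gpt-4.1-mini"),
        final_report=env.get("FINAL_REPORT_MODEL", "openai:gpt-4.1"),
    )
```

Swapping the researcher to Anthropic would then just be `RESEARCH_MODEL=anthropic:<model>` in the environment, with no code change.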
- User Authenticates → Firebase Auth session hydrates `AuthContext`.
- Submission → Dashboard posts text/binary payload to a Next.js API route or edge function (placeholder today).
- Assessment Orchestration → API proxies the request to the LangGraph runtime (Deep Research service).
- LLM + Search Loop → Agent fans out to configured LLMs, search APIs, and MCP tools, storing intermediate notes.
- Report Storage → Final trust brief, scores, and citation metadata are saved back to Firestore.
- Consumption → Reports UI reads Firestore entries for sharing/export.
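The Report Storage step can be sketched as a helper that shapes the Firestore document for a finished assessment. The field names (`trustScore`, `riskTags`, etc.) and the 0-100 score range are hypothetical, chosen to match the trust-brief cards described above, not the project's actual schema:

```python
from datetime import datetime, timezone


def build_trust_brief(product: str, score: int,
                      sources: list, risk_tags: list) -> dict:
    """Assemble a trust-brief record for Firestore (hypothetical schema)."""
    if not 0 <= score <= 100:
        raise ValueError("trust score must be in 0..100")
    return {
        "product": product,
        "trustScore": score,
        "riskTags": risk_tags,
        "sourceCount": len(sources),   # shown on the vault cards
        "sources": sources,            # citation metadata from the research loop
        "status": "complete",
        "createdAt": datetime.now(timezone.utc).isoformat(),
    }
```

The Reports Vault UI would then render `trustScore`, `riskTags`, and `sourceCount` directly from this document.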
- Node.js 18+ (or Bun), npm/yarn/pnpm.
- Python 3.11, `uv` or `pip`.
- Firebase project (Auth + Firestore) + service credentials.
- OpenAI and/or Anthropic API keys (plus Tavily key if using default search).
- LangSmith account if running benchmarks.
```bash
cd junction-app
cp .env.example .env.local   # fill in Firebase + API vars
npm install
npm run dev
```
Visit http://localhost:3000.
```bash
cd deep_security
uv venv && source .venv/bin/activate   # or python -m venv
uv sync                                # installs LangChain/LangGraph deps
cp .env.example .env                   # configure LLM/search/MCP keys
uvx --from "langgraph-cli[inmem]" langgraph dev --allow-blocking
```
The LangGraph Studio UI is available at the printed URL (default http://127.0.0.1:2024).
| Component | Variable | Description |
|---|---|---|
| junction-app | `NEXT_PUBLIC_FIREBASE_*` | Firebase web config (auth domain, project ID, …) |
| junction-app | `NEXT_PUBLIC_ASSESSMENT_API_URL` | (Future) API route for submissions |
| deep_security | `SUMMARIZATION_MODEL`, `RESEARCH_MODEL`, … | Override default LLMs per stage |
| deep_security | `SEARCH_API` | `tavily`, `openai`, `anthropic`, or `none` |
| deep_security | `MCP_CONFIG_URL`, `MCP_CONFIG_TOOLS` | Optional MCP server info |
| Shared | `OPENAI_API_KEY`, `ANTHROPIC_API_KEY` | Provider credentials |
| Shared | `TAVILY_API_KEY` | Web search enrichment |
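Putting the backend variables together, a `deep_security/.env` might look like the fragment below. All values are placeholders; copy `.env.example` and fill in your own keys:

```
# deep_security/.env (placeholder values)
OPENAI_API_KEY=sk-...
ANTHROPIC_API_KEY=sk-ant-...
TAVILY_API_KEY=tvly-...
SEARCH_API=tavily
SUMMARIZATION_MODEL=gpt-4.1-mini
RESEARCH_MODEL=gpt-4.1
```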
- `junction-app/README.md` - Frontend development tips.
- `deep_security/README.md` - LangGraph configuration, benchmarking, LangSmith usage.
- LangChain docs for MCP + multi-provider LLM setup.
- Firebase docs for Auth/Firestore provisioning.
| Layer | Recommended Target |
|---|---|
| Frontend | Vercel / Netlify (set Firebase/public env vars) |
| API Routes | Vercel Edge Functions or Next.js serverless runtime |
| LangGraph | Dockerized service on cloud VM or LangGraph Platform |
| Firebase | Managed (Auth + Firestore) |
- Build frontend: `npm run build` → deploy.
- Package the LangGraph service with `uv` + `langgraph dev`, or containerize for production.
- Wire the API route to call the LangGraph service; secure it with bearer tokens.
- Point frontend env vars to production endpoints.
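One minimal way to enforce the bearer token on the API-route → LangGraph hop is a constant-time header check like the sketch below. This is an illustration, not the project's actual auth layer; `expected_token` would come from a secret store, and the check would be wired into whatever framework fronts the LangGraph service:

```python
import hmac


def authorized(headers: dict, expected_token: str) -> bool:
    """Validate 'Authorization: Bearer <token>' with a constant-time compare."""
    auth = headers.get("Authorization", "")
    scheme, _, token = auth.partition(" ")
    if scheme != "Bearer" or not token:
        return False
    # hmac.compare_digest avoids leaking token length/content via timing.
    return hmac.compare_digest(token, expected_token)
```

The frontend API route would attach the same token as `Authorization: Bearer <token>` when proxying submissions.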
- Frontend: `npm run lint` / `npm run test` (if configured) plus manual UI smoke tests.
- Backend: Run `python tests/run_evaluate.py` for Deep Research Bench; extract results via `tests/extract_langsmith_data.py`.
- Integration: Validate that Firestore entries appear when manual assessments are triggered (mock API route until backend is wired).
- Fork and branch (`git checkout -b feature/<name>`).
- Keep frontend TypeScript strict and follow existing Tailwind patterns.
- For backend changes, update `configuration.py` docs + README when adding config knobs.
- Add tests or LangSmith eval notes for new research behaviors.
- Submit PR with a concise summary and screenshots if UI-related.
MIT - see LICENSE.
Open an issue in this repo. Check LangGraph + Firebase docs linked above. Reach out on project Slack/Discord (if applicable) for architecture questions.