
Agent Threat Feed

Real-time vulnerability feed for AI agents and LLM applications

Tags: ai-security, vulnerabilities, ai-agents, llm, threat-intelligence


Real-time security feed tracking vulnerabilities, exploits, and attack patterns specifically targeting AI agents and LLM-integrated applications. The CVE feed for the agentic era.

What it does

Continuously polls four real data sources for AI agent and LLM-related security threats, classifies each by attack vector and affected framework, and presents them in a unified, filterable dashboard with severity ratings.

Data Sources

| Source | URL | Refresh Interval |
|--------|-----|-----------------|
| OSV.dev API | POST https://api.osv.dev/v1/query | Every 30 minutes |
| NVD API 2.0 | GET https://services.nvd.nist.gov/rest/json/cves/2.0?keywordSearch=... | Every 2 hours |
| GitHub Security Advisories | GET https://api.github.com/advisories?ecosystem=...&keyword=... | Every 1 hour |
| HN Algolia API | GET https://hn.algolia.com/api/v1/search?query=...&tags=story | Every 15 minutes |

All sources are free and require no API keys. Every scraper also runs once at server startup, before its regular refresh interval takes over.

API Endpoints

| Method | Path | Description |
|--------|------|-------------|
| GET | /agent-threat-feed/health | Health check — returns {"ok":true} |
| GET | /agent-threat-feed/api/feed | Paginated threat feed. Params: page, limit, vector, source, severity, framework, q |
| GET | /agent-threat-feed/api/threats/:id | Single threat detail with full metadata and raw JSON |
| GET | /agent-threat-feed/api/stats | Aggregate stats: counts by vector, source, severity, framework; daily volume; scraper status |
| GET | /agent-threat-feed/api/briefing | Weekly top 5 threats briefing (JSON). Add ?format=html for shareable HTML card |
| GET | /agent-threat-feed/ | Frontend SPA |

Classification

Each threat is auto-classified by keyword matching:

Attack Vectors: prompt-injection, tool-abuse, memory-poisoning, supply-chain, ssr-injection, model-extraction, data-exfiltration, other

Frameworks: langchain, crewai, autogpt, semantic-kernel, llamaindex, openai, anthropic, generic
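The keyword matching described above, as an added example that is not the project's own code: the keyword lists, the tie-breaking rule and the sample records are assumptions constructed here, and only the vector and framework label names come from the page.

```javascript
// Added example: keyword-based classification of a normalised advisory record
// into the feed's attack-vector and framework labels. The keyword lists below
// are assumptions; the project's real lists are not shown on the page.
const VECTOR_KEYWORDS = {
  'prompt-injection': ['prompt injection', 'indirect prompt', 'jailbreak'],
  'tool-abuse': ['tool call', 'function calling', 'tool use', 'arbitrary command'],
  'memory-poisoning': ['memory poisoning', 'vector store', 'rag poisoning'],
  'supply-chain': ['malicious package', 'typosquat', 'dependency', 'npm', 'pypi'],
  'ssr-injection': ['server-side', 'ssrf', 'template injection'],
  'model-extraction': ['model extraction', 'model theft', 'weights'],
  'data-exfiltration': ['exfiltrat', 'leak', 'disclosure'],
};
const FRAMEWORK_KEYWORDS = {
  langchain: ['langchain'],
  crewai: ['crewai'],
  autogpt: ['autogpt', 'auto-gpt'],
  'semantic-kernel': ['semantic kernel', 'semantic-kernel'],
  llamaindex: ['llamaindex', 'llama_index', 'llama-index'],
  openai: ['openai', 'gpt-'],
  anthropic: ['anthropic', 'claude'],
};

// Count keyword hits per label on the lowercased text. The label with the most
// hits wins; ties keep the earlier table entry; zero hits yields the fallback.
function scoreMatches(text, table, fallback) {
  let best = fallback;
  let bestHits = 0;
  for (const [label, words] of Object.entries(table)) {
    const hits = words.filter((w) => text.includes(w)).length;
    if (hits > bestHits) { best = label; bestHits = hits; }
  }
  return best;
}

function classify(item) {
  const text = `${item.title} ${item.summary || ''}`.toLowerCase();
  return {
    vector: scoreMatches(text, VECTOR_KEYWORDS, 'other'),
    framework: scoreMatches(text, FRAMEWORK_KEYWORDS, 'generic'),
  };
}

// Constructed sample records shaped like normalised advisories (not real CVEs/GHSAs).
const SAMPLES = [
  { id: 'SAMPLE-1', title: 'Indirect prompt injection via retrieved web page in LangChain agent', summary: 'Untrusted content reaches the tool call loop.' },
  { id: 'SAMPLE-2', title: 'Typosquatted npm package impersonating an OpenAI SDK', summary: 'Malicious package exfiltrates API keys.' },
  { id: 'SAMPLE-3', title: 'Denial of service in a tokenizer library', summary: 'Crafted input causes excessive CPU use.' },
];

function classifyAll(items) {
  return items.map((item) => ({ id: item.id, ...classify(item) }));
}
```

Because matching is by substring, a hit list should be reviewed periodically: a short token such as `npm` or `leak` will fire on unrelated text, which is why the third sample must fall through to `other`/`generic` rather than picking up a spurious label.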

Running Locally

```sh
npm install
PORT=4754 node server.js
```

Open http://localhost:4754/agent-threat-feed/ in your browser. Threats begin populating within seconds from HN and OSV; GitHub and NVD follow within minutes.

Stack