Inspiration
I was kinda inspired by the recent AI called Mythos that can crack and attack system vulnerabilities, but we wanted to make our own project that counters it and focuses more on patching and making applications secure.
What it does
We take the user's code repository from GitLab, then we pass it through 2 AI agents: Attacker and Defender. The Attacker agent purely focuses on vulnerabilities and possible attacks. The Defender agent purely focuses on the output that the Attacker agent provides and provides countermeasures or patches on how to defend against it.
How we built it
We built it using GitLab MCP servers to pull code from public GitLab repos. Our AI agents are powered by Gemini and are prompted to find vulnerabilities and how to patch them. Then we utilized Docker to ensure that our project can work across multiple computers and is easy to test.
Challenges we ran into
We envisioned our plans to include validator agents that can verify an attack or check if a certain security patch would work; however, due to time constraints and unfamiliarity with some of the technology, we were unable to accomplish something we wanted to do.
Accomplishments that we're proud of
We are proud that we were able to learn new techniques that we wouldn't have been able to test without the hackathon testing us. We both experienced using Docker, MCP servers, and AI agents for the first time, and it is something we would love to continue to experiment and test with.
What's next for Cloud Citadel
We plan to continue our work to hopefully make a validator agent that can run a container and test attacking scripts and security patches. That way we can have a system where AI agents can specialize in specific topics and validate whether it works or not.