feat(cli): vendor-response subcommand + README Vulnerability Analysis Workflow#88
Open
manus-use wants to merge 1 commit into
Open
feat(cli): vendor-response subcommand + README Vulnerability Analysis Workflow#88manus-use wants to merge 1 commit into
manus-use wants to merge 1 commit into
Conversation
… section Wire up `manus-agent vendor-response <CVE-ID>` CLI subcommand for the `track_vendor_response` Strands tool that already existed in main but had no CLI dispatch. Also add a narrative "Vulnerability Analysis Workflow" section to README with a full CVE-2021-44228 (Log4Shell) worked example. Changes: - cli.py: add `_build_vendor_response_parser` + `_run_vendor_response` (text + JSON output, same pattern as exploit-complexity / blast-radius) - cli.py: add `"vendor-response"` to `_SUBCOMMANDS` set - cli.py: wire dispatch in `main()` between blast-radius and discover - cli.py: move state-label dict to module level (_VENDOR_STATE_LABEL) to satisfy ruff N806 (no uppercase vars inside functions) - README.md: fix vendor-response section — corrects the 6 state names to match the actual tool output (was documenting a different schema) - README.md: add "Vulnerability Analysis Workflow" section with a 4-stage pipeline diagram (Discover → Exploitability → Reach → Remediation) and full CVE-2021-44228 worked example across 5 CLI tools - README.md: add Vulnerability Analysis Workflow to Table of Contents - tests/test_vendor_response_cli.py: 35 new unit tests (all HTTP mocked) covering parser, text output, JSON output, input validation, and full end-to-end main() dispatch Tests: 937 passing (was 902), 0 failures, ruff clean
This was referenced Jul 5, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Two complementary improvements shipped in a single PR:
1.
manus-agent vendor-responseCLI subcommandThe
track_vendor_responseStrands tool has lived insrc/manus_agent/tools/since its introduction, and the README has documentedmanus-agent vendor-response <CVE-ID>for several weeks — but there was no dispatch incli.py. This PR wires it up.Usage:
manus-agent vendor-response CVE-2024-3094 manus-agent vendor-response CVE-2024-3094 --output json | jq .vendor_response_stateOutput states (matching the actual
track_vendor_responseimplementation):patch_availablepatch_pendingworkaround_onlyinvestigatingno_patch_expectedunknownAlso fixes the README vendor-response section which was documenting a different state schema that never matched the implementation.
2. Vulnerability Analysis Workflow section in README
Adds a new top-level section to the README showing how the CLI tools chain together into a repeatable analyst pipeline, with a complete CVE-2021-44228 (Log4Shell) worked example across epss-trend, exploit-complexity, blast-radius, vendor-response, patch-diff, cluster-variants, and compare. Also includes a JSON pipeline section for CI gates.
Files changed
src/manus_agent/cli.py_VENDOR_STATE_LABEL,_build_vendor_response_parser,_run_vendor_response; add vendor-response to_SUBCOMMANDS; wire dispatch inmain()README.mdtests/test_vendor_response_cli.pyTest results
937 passed, 3 deselected, 0 failures (up from 902; +35 new tests). ruff clean.