Post
30
With VLAgentIc, you can now use your local Qwen installation via Ollama and leverage the models
CIRCL/vulnerability-severity-classification-roberta-base and
CIRCL/cwe-parent-vulnerability-classification-roberta-base.
The project is available here:
https://github.com/vulnerability-lookup/VLAgentIc
The VLAI Severity and CWE classifiers are available on Hugging Face:
- CIRCL/vulnerability-severity-classification-roberta-base
- CIRCL/cwe-parent-vulnerability-classification-roberta-base
The concept of AI agents—combining models, tools, and orchestration—has become fairly standardized during the last year, but VLAgentIc brings something unique:
- Agents communicate over XMPP, enabling concurrent tasks and asynchronous messaging thanks to the SPADE framework.
- Built-in presence and discovery streamline interactions between components.
- Flexible behaviours make orchestrating AI-assisted security workflows seamless for future connections
- Last but not least, the VLAI Severity and VLAI CWE classifiers are now wrapped as LLM Tools and run entirely locally.
New, more comprehensive agent tools will soon be available, leveraging the Vulnerability-Lookup API and supporting the GCVE project.
The Human-in-the-Loop agent tool will be designed to notify you and request authorization whenever a query to an external service is about to be made—ensuring that, by default, all reasoning and processing stay local on your computer.
VLAI: A RoBERTa-Based Model for Automated Vulnerability Severity Classification (2507.03607)
The project is available here:
https://github.com/vulnerability-lookup/VLAgentIc
The VLAI Severity and CWE classifiers are available on Hugging Face:
- CIRCL/vulnerability-severity-classification-roberta-base
- CIRCL/cwe-parent-vulnerability-classification-roberta-base
The concept of AI agents—combining models, tools, and orchestration—has become fairly standardized during the last year, but VLAgentIc brings something unique:
- Agents communicate over XMPP, enabling concurrent tasks and asynchronous messaging thanks to the SPADE framework.
- Built-in presence and discovery streamline interactions between components.
- Flexible behaviours make orchestrating AI-assisted security workflows seamless for future connections
- Last but not least, the VLAI Severity and VLAI CWE classifiers are now wrapped as LLM Tools and run entirely locally.
New, more comprehensive agent tools will soon be available, leveraging the Vulnerability-Lookup API and supporting the GCVE project.
The Human-in-the-Loop agent tool will be designed to notify you and request authorization whenever a query to an external service is about to be made—ensuring that, by default, all reasoning and processing stay local on your computer.
VLAI: A RoBERTa-Based Model for Automated Vulnerability Severity Classification (2507.03607)
