mblanke/ThreatHunt
1
0
Fork 0
mirror of https://github.com/mblanke/ThreatHunt.git synced 2026-03-01 14:00:20 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
5a2ad8ec1c69359e422845c4f3a0aae29b87d441
ThreatHunt/SKILLS/05-agent-taxonomy.md
mblanke 9b98ab9614 feat: interactive network map, IOC highlighting, AUP hunt selector, type filters 
- NetworkMap: hunt-scoped force-directed graph with click-to-inspect popover
- NetworkMap: zoom/pan (wheel, drag, buttons), viewport transform
- NetworkMap: clickable IP/Host/Domain/URL legend chips to filter node types
- NetworkMap: brighter colors, 20% smaller nodes
- DatasetViewer: IOC columns highlighted with colored headers + cell tinting
- AUPScanner: hunt dropdown replacing dataset checkboxes, auto-select all
- Rename 'Social Media (Personal)' theme to 'Social Media' with DB migration
- Fix /api/hunts timeout: Dataset.rows lazy='noload' (was selectin cascade)
- Add OS column mapping to normalizer
- Full backend services, DB models, alembic migrations, new routes
- New components: Dashboard, HuntManager, FileUpload, NetworkMap, etc.
- Docker Compose deployment with nginx reverse proxy
2026-02-19 15:41:15 -05:00

1.4 KiB
Raw Blame History

Agent Types & Roles (Practical Taxonomy)

Use this skill to choose the right kind of agent workflow for the job.

Common agent "types" (in practice)

1) Chat assistant (no tools)

Best for: explanations, brainstorming, small edits. Risk: can hallucinate; no grounding in repo state.

2) Tool-using single agent

Best for: well-scoped tasks where the agent can read/write files and run commands. Key control: strict DoD gates + minimal permissions.

3) Planner + Executor (2-role pattern)

Best for: medium complexity work (multi-file changes, feature work). Flow: Planner writes plan + acceptance criteria → Executor implements → Reviewer checks.

4) Multi-agent (specialists)

Best for: bigger features with separable workstreams (UI, backend, docs, tests). Rule: isolate context per role; use separate branches/worktrees.

5) Supervisor / orchestrator

Best for: long-running workflows with checkpoints (pipelines, report generation, PAD docs). Rule: supervisor delegates, enforces gates, and composes final output.

Decision rules (fast)

  • If you can describe it in ≤ 5 steps → single tool-using agent.
  • If you need tradeoffs/design → Planner + Executor.
  • If UI + backend + docs/tests all move → multi-agent specialists.
  • If it's a pipeline that runs repeatedly → orchestrator.

Guardrails (always)

  • DoD is the truth gate.
  • Separate branches/worktrees for parallel work.
  • Log decisions + commands in AGENT_LOG.md.
Reference in New Issue View Git Blame Copy Permalink