A new package that analyzes user-provided text to extract structured information about software security vulnerabilities. It processes natural language descriptions of code issues or security concerns
Project description
vulntext - Vulnerability Text Analyzer
vulntext is a lightweight Python package that extracts structured vulnerability information from natural‑language descriptions of software security issues. By feeding the package a text (e.g., a bug report, CVE description, or a security advisory) it returns an array of structured data items such as vulnerability type, severity level, affected component, and recommended remediation steps.
Features
- Simple, self‑contained interface
- Uses LLM7 by default (free tier, suitable for most uses)
- Fully flexible: plug in any LangChain compatible LLM
- Generates results that match a user‑defined regex pattern
Installation
pip install vulntext
Quick Start
from vulntext import vulntext
user_input = """
A buffer overflow bug in the network packet parser allows an attacker to crash
the service and potentially execute arbitrary code. The vulnerability is
present in version 2.3.4 of the packet-processor library.
"""
# Basic usage (uses the default LLM7 wrapper)
results = vulntext(user_input)
print(results)
You will see an output that looks roughly like:
[
{
"type": "Buffer Overflow",
"severity": "High",
"component": "packet-processor",
"version": "2.3.4",
"remediation": "Update to 2.3.5 or patch the parser."
}
]
Using a Custom LLM
vulntext accepts a LangChain BaseChatModel instance. This allows you to use any provider supported by LangChain:
# OpenAI
from langchain_openai import ChatOpenAI
from vulntext import vulntext
llm = ChatOpenAI()
response = vulntext(user_input, llm=llm)
# Anthropic
from langchain_anthropic import ChatAnthropic
llm = ChatAnthropic()
response = vulntext(user_input, llm=llm)
# Google Generative AI
from langchain_google_genai import ChatGoogleGenerativeAI
llm = ChatGoogleGenerativeAI()
response = vulntext(user_input, llm=llm)
When a custom LLM is provided, the api_key argument is ignored because the key is managed by the wrapper you pass in.
Optional API Key for LLM7
If you want to override the free LLM7 tier or need higher rate limits, supply your own key either as an environment variable or directly:
export LLM7_API_KEY=your_basic_api_key_here
or
response = vulntext(user_input, api_key="your_basic_api_key_here")
You can obtain a free key by registering at LLM7.
Parameters
| Parameter | Type | Description |
|---|---|---|
user_input |
str |
The text containing the vulnerability description. |
llm |
Optional[BaseChatModel] |
A LangChain chat model instance. When omitted, the package falls back to the bundled ChatLLM7. |
api_key |
Optional[str] |
Your LLM7 API key. Ignored if llm is supplied. Note that the free tier is usually sufficient for most uses. |
Development & Bug Reports
- Repository: https://github.com/chigwell/vulntext
- Issues: https://github.com/chigwell/vulntext/issues
License
MIT
Author
Eugene Evstafev
📧 hi@euegne.plus
🐙 @chigwell
Happy hacking! 🎯
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file vulntext-2025.12.21084032.tar.gz.
File metadata
- Download URL: vulntext-2025.12.21084032.tar.gz
- Upload date:
- Size: 4.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.11
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
67becdf94701a85e623b754e709a04c4c22ae7fe51d0fd995c402ba9eab6b0c4
|
|
| MD5 |
60be5e7f5da82ede8ef6e6ae8774e7c1
|
|
| BLAKE2b-256 |
7f3e0d4a41239b5c25af6b33fcb8390e82142139dbc97a9c8a16fb8e2333c629
|
File details
Details for the file vulntext-2025.12.21084032-py3-none-any.whl.
File metadata
- Download URL: vulntext-2025.12.21084032-py3-none-any.whl
- Upload date:
- Size: 4.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.11
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
4ef4f774a08b05215a303d9d5dfb9596d01a617d4eb0f0982081ff90d2c7ad4e
|
|
| MD5 |
63f4a8e9d069c47a3c3161bd275557b5
|
|
| BLAKE2b-256 |
fa6119e002394be5c66b0ee99a79b5e5f4696a730a6a2c6493b55fb410731927
|
