github analyzed a161216

0x3e4/hecate

github

Hecate Cyber Defense - AI-powered vulnerability analysis

maintainer: 0x3e4
license: MIT
first seen: 2026-06-05
last seen: 2026-06-10
releases · 30d: 7
short id

Drift inferred · capture-to-capture

HIGH 2026-06-16 code analysis flagged dynamic code execution in 0x3e4/hecate

capabilities 0 tools

transport streamable-http counts 0 tools · 0 res · 0 prompts permission surface via code analysis

no tools enumerated yet for this server.

skills & danger signals github-tarball

prompt-surface shipped agent-instruction files + hidden-content / dangerous-code findings — quoted from the analyzed source

analyzed commit a161216 · analyzer v18 · 5h ago

danger signals1

dynamic code executioneval()/exec()0x3e4-hecate-a161216/scanner/app/malware_detector/unicode_obfuscation.py:6via .codePointAt() and pass to eval(). LLM-generated cover commits.

code evidence v1.2.3 · github-tarball

evidence-backed findings quoted directly from the published source artifact — not inferred

filesystem 17

fs 0x3e4-hecate-a161216/backend/app/api/v1/version.py :9 from pathlib import Path
fs 0x3e4-hecate-a161216/backend/app/services/ingestion/osv_client.py :135 with zf.open(name) as f:
fs 0x3e4-hecate-a161216/backend/app/services/scan_service.py :1825 of change. Only fail-open (return True) when we have neither a
fs 0x3e4-hecate-a161216/scanner/app/hecate_analyzer.py :9 from pathlib import Path
fs 0x3e4-hecate-a161216/scanner/app/main.py :5 import shutil
fs 0x3e4-hecate-a161216/scanner/app/malware_detector/cicd_analysis.py :12 from pathlib import Path
fs 0x3e4-hecate-a161216/scanner/app/malware_detector/hash_matching.py :7 from pathlib import Path
fs 0x3e4-hecate-a161216/scanner/app/malware_detector/install_hooks.py :7 from pathlib import Path
fs 0x3e4-hecate-a161216/scanner/app/malware_detector/persistence.py :14 from pathlib import Path
fs 0x3e4-hecate-a161216/scanner/app/malware_detector/pth_files.py :13 from pathlib import Path
fs 0x3e4-hecate-a161216/scanner/app/malware_detector/sandbox_evasion.py :12 from pathlib import Path
fs 0x3e4-hecate-a161216/scanner/app/malware_detector/suspicious_patterns.py :6 from pathlib import Path
fs 0x3e4-hecate-a161216/scanner/app/malware_detector/typosquatting.py :16 from pathlib import Path
fs 0x3e4-hecate-a161216/scanner/app/malware_detector/unicode_obfuscation.py :12 from pathlib import Path
fs 0x3e4-hecate-a161216/scanner/app/malware_detector/utils.py :7 from pathlib import Path
fs 0x3e4-hecate-a161216/scanner/app/malware_detector/worm_detection.py :13 from pathlib import Path
fs 0x3e4-hecate-a161216/scanner/app/scanners.py :11 import shutil

network 25

net 0x3e4-hecate-a161216/backend/app/api/v1/status.py :4 import httpx
net 0x3e4-hecate-a161216/backend/app/api/v1/version.py :12 import httpx
net 0x3e4-hecate-a161216/backend/app/mcp/oauth.py :28 from urllib.parse import urlencode
net 0x3e4-hecate-a161216/backend/app/mcp/oauth_providers.py :12 from urllib.parse import urlencode
net 0x3e4-hecate-a161216/backend/app/services/ai_service.py :9 import httpx
net 0x3e4-hecate-a161216/backend/app/services/http/retry.py :7 import httpx
net 0x3e4-hecate-a161216/backend/app/services/http/ssl.py :7 """Return the ``verify`` value for :class:`httpx.AsyncClient`.
net 0x3e4-hecate-a161216/backend/app/services/ingestion/capec_client.py :6 import httpx
net 0x3e4-hecate-a161216/backend/app/services/ingestion/circl_client.py :8 import httpx
net 0x3e4-hecate-a161216/backend/app/services/ingestion/cisa_client.py :5 import httpx
net 0x3e4-hecate-a161216/backend/app/services/ingestion/cpe_client.py :9 import httpx
net 0x3e4-hecate-a161216/backend/app/services/ingestion/cwe_client.py :5 import httpx
net 0x3e4-hecate-a161216/backend/app/services/ingestion/deps_dev_client.py :17 from urllib.parse import quote
net 0x3e4-hecate-a161216/backend/app/services/ingestion/euvd_client.py :8 import httpx
net 0x3e4-hecate-a161216/backend/app/services/ingestion/ghsa_client.py :6 from urllib.parse import parse_qs, urlparse
net 0x3e4-hecate-a161216/backend/app/services/ingestion/nvd_client.py :7 import httpx
net 0x3e4-hecate-a161216/backend/app/services/ingestion/osv_client.py :11 import httpx
net 0x3e4-hecate-a161216/backend/app/services/ingestion/osv_pipeline.py :75 # one httpx.AsyncClient + one rate-limiter across all records.
net 0x3e4-hecate-a161216/backend/app/services/notification_service.py :8 import httpx
net 0x3e4-hecate-a161216/backend/app/services/saved_search_service.py :5 from urllib.parse import parse_qsl, urlencode
net 0x3e4-hecate-a161216/backend/app/services/scan_service.py :9 from urllib.parse import unquote, urlparse
net 0x3e4-hecate-a161216/backend/app/services/stats_service.py :6 from urllib.parse import urlparse
net 0x3e4-hecate-a161216/scanner/app/malware_detector/typosquatting.py :15 import urllib.request
net 0x3e4-hecate-a161216/scanner/app/provenance.py :25 from urllib.parse import quote
net 0x3e4-hecate-a161216/scanner/app/scanners.py :15 import urllib.request

database 18

db 0x3e4-hecate-a161216/backend/app/repositories/app_settings_repository.py :7 from pymongo import ReturnDocument
db 0x3e4-hecate-a161216/backend/app/repositories/asset_repository.py :7 from pymongo import ASCENDING, UpdateOne
db 0x3e4-hecate-a161216/backend/app/repositories/capec_repository.py :7 from pymongo.errors import PyMongoError
db 0x3e4-hecate-a161216/backend/app/repositories/cpe_repository.py :8 from pymongo import ASCENDING, DESCENDING
db 0x3e4-hecate-a161216/backend/app/repositories/cwe_repository.py :8 from pymongo.errors import PyMongoError
db 0x3e4-hecate-a161216/backend/app/repositories/inventory_repository.py :7 from pymongo import ASCENDING
db 0x3e4-hecate-a161216/backend/app/repositories/kev_repository.py :8 from pymongo.errors import PyMongoError
db 0x3e4-hecate-a161216/backend/app/repositories/license_policy_repository.py :7 from pymongo import ASCENDING
db 0x3e4-hecate-a161216/backend/app/repositories/malware_intel_repository.py :8 from pymongo import ASCENDING
db 0x3e4-hecate-a161216/backend/app/repositories/notification_rule_repository.py :7 from pymongo import ASCENDING, ReturnDocument
db 0x3e4-hecate-a161216/backend/app/repositories/saved_search_repository.py :9 from pymongo import ASCENDING, ReturnDocument
db 0x3e4-hecate-a161216/backend/app/repositories/scan_finding_repository.py :9 from pymongo.errors import PyMongoError
db 0x3e4-hecate-a161216/backend/app/repositories/scan_layer_repository.py :7 from pymongo.errors import PyMongoError
db 0x3e4-hecate-a161216/backend/app/repositories/scan_repository.py :9 from pymongo.errors import PyMongoError
db 0x3e4-hecate-a161216/backend/app/repositories/scan_sbom_repository.py :7 from pymongo.errors import PyMongoError
db 0x3e4-hecate-a161216/backend/app/repositories/scan_target_repository.py :8 from pymongo.errors import PyMongoError
db 0x3e4-hecate-a161216/backend/app/repositories/vulnerability_repository.py :12 from pymongo import ASCENDING, DESCENDING
db 0x3e4-hecate-a161216/backend/app/services/cpe_service.py :5 from pymongo import TEXT

tool registrations 35

search_vendors 0x3e4-hecate-a161216/backend/app/mcp/tools/assets.py :20
search_products 0x3e4-hecate-a161216/backend/app/mcp/tools/assets.py :65
search_cpe 0x3e4-hecate-a161216/backend/app/mcp/tools/cpe.py :20
get_cwe 0x3e4-hecate-a161216/backend/app/mcp/tools/cwe_capec.py :22
get_capec 0x3e4-hecate-a161216/backend/app/mcp/tools/cwe_capec.py :73
get_scan_findings 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :21
trigger_scan 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :75
trigger_sync 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :156
get_sca_scan 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :227
prepare_scan_ai_analysis 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :342
save_scan_ai_analysis 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :413
get_scan_findings_by_scan 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :497
get_security_alerts 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :568
get_scan_sbom 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :629
get_sbom_components 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :681
get_sbom_facets 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :737
get_target_scan_history 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :792
compare_scans 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :851
get_layer_analysis 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :901
list_scan_targets 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :945
list_target_groups 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :996
list_scans 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :1040
find_findings_by_cve 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :1089
prepare_scan_attack_chain_analysis 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :1147
save_scan_attack_chain_analysis 0x3e4-hecate-a161216/backend/app/mcp/tools/scans.py :1232
get_vulnerability_stats 0x3e4-hecate-a161216/backend/app/mcp/tools/stats.py :18
search_vulnerabilities 0x3e4-hecate-a161216/backend/app/mcp/tools/vulnerabilities.py :25
get_vulnerability 0x3e4-hecate-a161216/backend/app/mcp/tools/vulnerabilities.py :100
prepare_vulnerability_ai_analysis 0x3e4-hecate-a161216/backend/app/mcp/tools/vulnerabilities.py :149
save_vulnerability_ai_analysis 0x3e4-hecate-a161216/backend/app/mcp/tools/vulnerabilities.py :229
prepare_vulnerabilities_ai_batch_analysis 0x3e4-hecate-a161216/backend/app/mcp/tools/vulnerabilities.py :309
save_vulnerabilities_ai_batch_analysis 0x3e4-hecate-a161216/backend/app/mcp/tools/vulnerabilities.py :404
prepare_attack_path_analysis 0x3e4-hecate-a161216/backend/app/mcp/tools/vulnerabilities.py :505
save_attack_path_analysis 0x3e4-hecate-a161216/backend/app/mcp/tools/vulnerabilities.py :595
refine_attack_path_analysis 0x3e4-hecate-a161216/backend/app/mcp/tools/vulnerabilities.py :675

declared dependencies 14

fastapi@0.128.5
uvicorn@0.40.0
pydantic@^2.12
pydantic-settings@^2.11.0
motor@^3.7
opensearch-py@^3.0.0
httpx@^0.28.1
structlog@^25.5.0
python-dateutil@^2.9.0
apscheduler@^3.11.1
google-genai@^1.49.0
starlette@0.52.1
opensearch-protobufs@1.2.0
mcp@{version =