PantheonLM

Stable

Multi-agent operations framework with 81+ specialized agents

Overview

What is PantheonLM?

PantheonLM (formerly BMAD-CYBERSEC) is an enterprise-grade multi-agent orchestration framework purpose-built for cybersecurity operations. It ships with 81+ pre-built agents that cover the full security lifecycle.

Agent Catalog (highlights)

ThreatIntelAgent — Real-time threat intelligence aggregation and correlation
VulnResearchAgent — CVE triage, CVSS scoring, and PoC assessment
ComplianceAgent — EU AI Act, NIS2, DORA compliance gap analysis
IncidentResponseAgent — Automated playbook execution for common incident types
RedTeamOrchestrator — Coordinates multi-step attack simulations
ReportAgent — Generates executive and technical security reports

Installation

npm / pnpm

# npm
npm install @blackunicorn/pantheonlm

# pnpm
pnpm add @blackunicorn/pantheonlm

Configuration

// pantheon.config.ts
import { defineConfig } from '@blackunicorn/pantheonlm'

export default defineConfig({
  llmProvider: 'anthropic',
  apiKey: process.env.ANTHROPIC_API_KEY,
  agents: {
    enabled: ['ThreatIntelAgent', 'VulnResearchAgent', 'ReportAgent'],
  },
  logging: {
    level: 'info',
    output: './logs/pantheon.log',
  },
})

Quick Start

Running Your First Agent

import { PantheonLM } from '@blackunicorn/pantheonlm'

const pantheon = new PantheonLM()

const result = await pantheon.run('ThreatIntelAgent', {
  target: 'CVE-2024-1234',
  depth: 'full',
})

console.log(result.summary)
console.log(result.iocs)        // Indicators of Compromise
console.log(result.mitigations)

Multi-Agent Orchestration

import { PantheonLM, Pipeline } from '@blackunicorn/pantheonlm'

const pantheon = new PantheonLM()

// Build a sequential pipeline
const pipeline = new Pipeline([
  { agent: 'VulnResearchAgent', input: { cve: 'CVE-2024-1234' } },
  { agent: 'ThreatIntelAgent',  dependsOn: 'VulnResearchAgent' },
  { agent: 'ReportAgent',       dependsOn: ['VulnResearchAgent', 'ThreatIntelAgent'] },
])

const report = await pantheon.execute(pipeline)
console.log(report.markdown)

API Reference

The full API reference including all 81+ agent signatures, configuration schema, and plugin development guide is available in the GitHub repository.

GitHub Repository

BlackUnicornSecurity/BMAD-CYBERSEC

Overview

What is PantheonLM?

Agent Catalog (highlights)

ThreatIntelAgent — Real-time threat intelligence aggregation and correlation

VulnResearchAgent — CVE triage, CVSS scoring, and PoC assessment

ComplianceAgent — EU AI Act, NIS2, DORA compliance gap analysis

IncidentResponseAgent — Automated playbook execution for common incident types

RedTeamOrchestrator — Coordinates multi-step attack simulations

ReportAgent — Generates executive and technical security reports

Installation

npm / pnpm

# npm npm install @blackunicorn/pantheonlm # pnpm pnpm add @blackunicorn/pantheonlm

Configuration

// pantheon.config.ts import { defineConfig } from '@blackunicorn/pantheonlm' export default defineConfig({ llmProvider: 'anthropic', apiKey: process.env.ANTHROPIC_API_KEY, agents: { enabled: ['ThreatIntelAgent', 'VulnResearchAgent', 'ReportAgent'], }, logging: { level: 'info', output: './logs/pantheon.log', }, })

Quick Start

Running Your First Agent

import { PantheonLM } from '@blackunicorn/pantheonlm' const pantheon = new PantheonLM() const result = await pantheon.run('ThreatIntelAgent', { target: 'CVE-2024-1234', depth: 'full', }) console.log(result.summary) console.log(result.iocs) // Indicators of Compromise console.log(result.mitigations)

Multi-Agent Orchestration

import { PantheonLM, Pipeline } from '@blackunicorn/pantheonlm' const pantheon = new PantheonLM() // Build a sequential pipeline const pipeline = new Pipeline([ { agent: 'VulnResearchAgent', input: { cve: 'CVE-2024-1234' } }, { agent: 'ThreatIntelAgent', dependsOn: 'VulnResearchAgent' }, { agent: 'ReportAgent', dependsOn: ['VulnResearchAgent', 'ThreatIntelAgent'] }, ]) const report = await pantheon.execute(pipeline) console.log(report.markdown)