What We'll Cover Today

• Paradigm shift: Assistants → Agents

• MCP: Model Context Protocol architecture

• Focus: Code auditing workflows

• Advanced patterns: Agent chains & automation

• Hands-on: Real-world examples

Why AI Agents for Development?

• Traditional tools: static analysis (limited context)

• LLM assistants: interactive but require constant guidance

• AI Agents: autonomous, tool-using, goal-driven

• Game changer for: code review, auditing, refactoring

Course Objectives

By the end of this lecture, you will:

1. Understand assistant vs agent paradigms

2. Configure and use MCP tools

3. Build audit workflows with Claude Code

4. Chain agents for complex tasks

The Evolution of AI in Development

graph LR
    A[Static Analysis] --> B[IDE Assistants]
    B --> C[LLM Chat]
    C --> D[AI Agents]
    style D fill:#4CAF50

• Static: Rules-based (linters, type checkers)

• Assistants: Context-aware suggestions

• Chat: Interactive problem-solving

• Agents: Autonomous execution

What is an Assistant?

Characteristics:

• Waits for user prompts

• Responds to explicit queries

• No persistent goals

• Limited tool access

Example: "Explain this function"

→ Assistant reads code, explains in natural language

What is an Agent?

Characteristics:

• Goal-oriented: Given a high-level task

• Autonomous: Plans and executes steps

• Tool-using: Reads files, runs commands, edits code

• Iterative: Learns from feedback, adapts strategy

Example: "Audit this repository for security issues"

→ Agent scans files, runs tools, generates report

Assistant vs Agent: Key Differences

When to Use Each?

Use Assistants for:

• Quick questions

• Code explanations

• Documentation lookup

Use Agents for:

• Code auditing

• Bulk refactoring

• Test generation

• Dependency updates

What is MCP?

Model Context Protocol — a standard interface for AI tools

• Connects LLMs to external systems

• Secure, sandboxed execution

• Tool discovery and registration

• Standardized input/output

MCP Architecture

graph TB
    Claude[Claude Code] --> MCP[MCP Server]
    MCP --> Shell[Shell Tool]
    MCP --> Git[Git Tool]
    MCP --> FS[Filesystem Tool]
    MCP --> Custom[Custom Tools]

    style Claude fill:#FF6B35
    style MCP fill:#004E89

MCP Components

Three layers:

1. Client: Claude Code (AI model)

2. Server: Tool registry & dispatcher

3. Tools: Individual capabilities (shell, git, file I/O)

Security: Whitelisted commands, path restrictions

MCP Configuration Example

tools/mcp/config.json:

{
  "mcpServers": {
    "local-shell": {
      "command": "python",
      "args": ["tools/mcp/tools.d/shell/server.py"]
    },
    "repo-tools": {
      "command": "python",
      "args": ["tools/mcp/tools.d/repo/server.py"]
    }
  }
}

Safe Shell Tool (Simplified)

ALLOWED = {"ls", "cat", "pytest", "ruff", "flake8"}

def run(cmd):
    if cmd[0] not in ALLOWED:
        return {"error": f"Not allowed: {cmd[0]}"}

    out = subprocess.check_output(cmd, timeout=30)
    return {"stdout": out.decode()}

Key: Whitelist approach prevents arbitrary code execution

Enabling MCP in Claude Code

1. Open Claude Code settings

2. Navigate to MCP Configuration

3. Point to tools/mcp/config.json

4. Restart Claude Code

5. Verify: prompt "List available MCP tools"

Why Code Auditing?

Modern challenges:

• Rapid development cycles

• Complex dependencies

• Security vulnerabilities

• Technical debt accumulation

Solution: Continuous, AI-assisted auditing

Audit Dimensions

mindmap
  root((Code Audit))
    Security
      Injection risks
      Unsafe APIs
      Secrets
    Quality
      Code smells
      Complexity
      Duplication
    Standards
      Style guides
      Type safety
      Documentation
    Reliability
      Error handling
      Test coverage
      Edge cases

Traditional vs AI-Assisted Auditing

Hybrid approach: Static tools + AI reasoning

Basic Audit Workflow

Step 1: Static analysis

ruff check src/ > out/ruff.txt
flake8 src/ > out/flake8.txt
bandit -r src -o out/bandit.txt

Step 2: AI correlation

Role: Senior auditor
Task: Analyze ruff/flake8/bandit outputs,
correlate with code, classify by severity

Audit Output Format

Severity levels:

• 🔴 Red: Critical (security, data loss)

• 🔶 Orange: Important (maintainability, performance)

• ⚪ White: Minor (style, documentation)

Formats:

• audit.md (human-readable)

• audit.json (machine-readable, CI/CD)

Audit Prompt Template

You are a senior code auditor.

Goal: Read static analysis outputs in ./out/*.txt,
correlate with repository code, and classify issues.

Classify by:
- Security (CWE/OWASP)
- Maintainability (complexity, duplication)
- Reliability (error handling, tests)
- Standards (PEP 8, typing)

Assign severity: 🔴 🔶 ⚪
Output: audit.md + audit.json

Example Audit Result

Integrating with CI/CD

Pre-commit hook:

#!/usr/bin/env bash
python tools/scripts/check_audit_gate.py
# Exit non-zero if 🔴 issues found

Benefit: Block merges with critical issues

Agent Chaining

Concept: Multiple specialized agents in sequence

graph LR
    A[Analysis Agent] --> B[Fix Agent]
    B --> C[Review Agent]
    C --> D[Test Agent]

    style A fill:#FF6B35
    style B fill:#F7931E
    style C fill:#FDC830
    style D fill:#4CAF50

Example: Chained Audit

Agent 1 — Detector:

• Scans codebase

• Identifies issues

• Outputs issues.json

Agent 2 — Fixer:

• Reads issues.json

• Proposes patches

• Creates fixes.json

Agent 3 — Validator:

• Applies fixes

• Runs test suite

• Reports success/failure

Standards Mapping

ISO/IEC 25010 Quality Model:

• Maintainability ↔︎ Code smells, complexity

• Security ↔︎ CWE/OWASP vulnerabilities

• Reliability ↔︎ Error handling, edge cases

• Portability ↔︎ Dependencies, platform assumptions

Benefit: Align audits with industry standards

MCP for Audit Agents

Custom audit tools:

# Tool: run_security_scan
def run_security_scan(path):
    bandit_out = run_bandit(path)
    safety_out = check_dependencies()
    return merge_results(bandit_out, safety_out)

Register in MCP config → Claude uses automatically

Audit Memory & Trends

Track debt over time:

# Store audit results with timestamps
audit_20250101.json
audit_20250201.json
audit_20250301.json

Generate trends:

• Issues introduced vs resolved

• Debt accumulation rate

• Hot spots (files with recurring issues)

Advanced Prompt: Dependency Audit

Task: Scan requirements.txt for vulnerabilities.
1. Check each package against CVE databases
2. Propose version upgrades (maintain compatibility)
3. Run test suite to verify upgrades
4. Output: dependency_audit.md with risk matrix

Agent autonomously:

• Reads requirements.txt

• Queries vulnerability DBs

• Tests upgrade paths

• Generates report

Example 1: Simple Style Check

Prompt:

Audit src/ for PEP 8 violations.
Focus on line length, import order.
Output: style_report.md

Agent:

• Runs flake8

• Correlates with code context

• Suggests auto-fixes

Example 2: Security Scan

Prompt:

Scan for:
- SQL injection risks
- Unsafe eval/exec
- Hardcoded secrets
Output: security_audit.json

Agent:

• Static scan with bandit

• Semantic analysis for logic flaws

• Generates severity matrix

Example 3: Technical Debt Ranking

Prompt:

Identify top 5 technical debt items.
Rank by: impact × remediation effort.
Propose actionable fixes.

Agent:

• Calculates complexity metrics

• Identifies duplication

• Estimates refactoring effort

• Prioritizes by ROI

Example 4: Chained Refactor

Workflow:

1. Analyzer: Detects code smells

2. Refactor: Proposes fixes (preserves API)

3. Test: Runs full test suite

4. Review: Human approves or rejects

Fully automated except final approval

Prompt Engineering for Audits

Be specific:

• ❌ "Check code quality"

• ✅ "Audit for PEP 8, cyclomatic complexity >10, missing type hints"

Define output format:

• Request JSON for CI/CD

• Request Markdown for humans

Security & Governance

Key principles:

1. Scope control: MCP whitelist only safe commands

2. No secrets in prompts: Use env vars

3. Traceability: Log prompt + model version in reports

4. Human-in-the-loop: Review before applying fixes

Handling False Positives

AI isn't perfect:

• Validate findings manually

• Use static tools as ground truth

• Iterate on prompts to reduce noise

Strategy: Start conservative, tune over time

Integration Checklist

• MCP configured with safe tools

• Audit prompts tested on sample repos

• CI/CD gate script ready

• Output format standardized (JSON + Markdown)

• Team trained on reviewing AI suggestions

What We Covered

✅ Assistant vs Agent paradigms ✅ MCP architecture & setup ✅ Code auditing workflows (focus) ✅ Agent chaining & standards mapping ✅ Real-world examples

Key Takeaways

1. Agents > Assistants for complex, multi-step tasks

2. MCP enables safe, powerful tool integration

3. Auditing is the killer app for AI agents

4. Hybrid approach: Static tools + AI reasoning

5. Human oversight: Always validate critical changes

Next Steps

Hands-on:

• Configure MCP in your environment

• Run audit on internal repo

• Experiment with agent chains

Next lecture (L2):

• Deep dive: Technical debt strategies

• Standards compliance (ISO/IEC 25010)

• Advanced audit patterns

Resources

• MCP Docs: [link to MCP specification]

• Claude Code: [Anthropic docs]

• Audit templates: lectures/lecture1_agents/pages/

• Example repo: playground/ (if provided)

Questions?

Contact: Olivier Vitrac, PhD, HDR olivier.vitrac@adservio.fr

Repository: lectures/lecture1_agents/