Skillget

agentic-ai-nano

mcp
Security Audit
Fail
Health Warn
  • License — License: MIT
  • Description — Repository has a description
  • Active repo — Last push 0 days ago
  • Low visibility — Only 9 GitHub stars
Code Fail
  • eval() — Dynamic code execution via eval() in .constraint-monitor.yaml
  • rm -rf — Recursive force deletion command in .github/workflows/deploy-pages.yml
Permissions Pass
  • Permissions — No dangerous permissions requested
Purpose
This is an educational repository providing a 6-week nanodegree program focused on Agentic AI development, covering frameworks, RAG architectures, and agent communication protocols.

Security Assessment
The overall risk is Medium. While the tool does not request explicitly dangerous permissions or contain hardcoded secrets, it fails two critical security checks. First, it uses dynamic code execution via `eval()` in a configuration file, which introduces a significant risk of arbitrary code injection. Second, a GitHub Actions deployment workflow contains a highly destructive `rm -rf` recursive force deletion command, which could be devastating if triggered improperly. Additionally, the README references internal IP addresses and corporate network setups, indicating it may have specific enterprise infrastructure expectations. Users should proceed carefully and audit the execution environments.

Quality Assessment
The project is very new and has low visibility, evidenced by only 9 GitHub stars. However, it is actively maintained with a recent push occurring today. It benefits from clear documentation and is fully licensed under the standard MIT open-source license, which is favorable for legal usage and modification.

Verdict
Use with caution: the educational content is actively maintained and open-source, but developers must review and remediate the dangerous `eval()` and `rm -rf` commands before executing or deploying this code.
SUMMARY

nano-degree in Agentic AI

README.md

Agentic AI Nanodegree

Advanced AI Agent Development & Protocol Integration - A comprehensive 6-week self-paced program covering modern AI agent development, from foundational patterns through cutting-edge protocols and production deployment.

🔒 Corporate Content Security Notice: This repository contains only public course materials. BMW-specific corporate content is delivered securely through automatic network detection and encryption - no sensitive corporate information is stored in this public repository or exposed outside BMW corporate networks.

🚀 Quick Start

Start Here: Cloud Development Environment - Access your pre-configured workspace at http://10.21.202.14/workspaces

Essential Setup:

  1. Cloud Environment Setup - Pre-configured workspace with all dependencies
  2. LLM API Configuration - Gaia API access for AI models
  3. 🎧 Podcast Mode - Learn hands-free while commuting

Course Structure

3 Modules × 2 Weeks Each = 6 Weeks Total

Module 01: Agent Frameworks & Patterns

Focus: Core agent development with modern frameworks
Start Module 01 →

  • Week 1: Bare metal agents, LangChain, LangGraph, CrewAI, PydanticAI
  • Week 2: Atomic Agents, ADK, Agno, Multi-agent patterns, Production deployment

Module 02: Retrieval-Augmented Generation (RAG)

Focus: Advanced RAG systems and cognitive architectures
Start Module 02 →

  • Week 1: Basic RAG, chunking, vector databases, query enhancement, evaluation
  • Week 2: Graph-based RAG, agentic RAG, multimodal RAG, production integration

Module 03: MCP, ACP & A2A Communication

Focus: Agent communication protocols and distributed systems
Start Module 03 →

  • Week 1: MCP server basics, filesystem integration, LangChain integration, production deployment
  • Week 2: Security, ACP fundamentals, A2A communication, advanced workflows, enterprise integration

Learning Paths

Each session offers 3 learning paths to match your time and depth preferences:

  • Observer Path (30-50 min): Conceptual understanding and overview
  • Participant Path (60-90 min): Guided implementation with examples
  • Implementer Path (120-180 min): Complete hands-on development

Learning Outcomes

By completion, you will:

  • Master the five core agentic patterns: Reflection, Tool Use, ReAct, Planning, Multi-Agent Collaboration
  • Build production-ready agents using cutting-edge frameworks (LangChain, CrewAI, PydanticAI, Atomic Agents, Agno)
  • Implement sophisticated RAG systems with NodeRAG, reasoning-augmented retrieval, and multimodal capabilities
  • Design distributed agent architectures using MCP, ACP, and A2A protocols
  • Deploy enterprise-grade agent systems with monitoring, security, and scalability

Prerequisites

Required:

  • Python programming (intermediate level)
  • API integration experience (REST APIs, JSON)
  • Software design understanding (OOP, design patterns)
  • Development environment familiarity (virtual environments, package management)

Recommended:

  • Basic LLM understanding
  • HTTP protocols and web services experience
  • Database and data processing knowledge
  • Distributed systems concepts

Getting Started

Cloud Environment (Recommended)

Access your pre-configured workspace - no local installation needed!

  1. Access Coder Workspace - http://10.21.202.14/workspaces
  2. Configure LLM API - Gaia API setup
  3. Enable Podcast Mode - Learn while commuting
  4. Choose your learning path and start with Module 01

Local Setup (Alternative)

Public Users (Standard Clone)

git clone https://github.com/fwornle/agentic-ai-nano.git
cd agentic-ai-nano
python -m venv venv
source venv/bin/activate
pip install -r docs-content/01_frameworks/src/session1/requirements.txt
mkdocs serve  # View documentation locally

Corporate Users (With Corporate Content)

# Clone with corporate content submodule
git clone --recurse-submodules https://github.com/fwornle/agentic-ai-nano.git
cd agentic-ai-nano
python -m venv venv
source venv/bin/activate
pip install -r docs-content/01_frameworks/src/session1/requirements.txt
mkdocs serve  # View documentation with corporate content

Alternative for Corporate Users (if submodules weren't cloned initially):

git clone https://github.com/fwornle/agentic-ai-nano.git
cd agentic-ai-nano
git submodule init
git submodule update  # Fetch corporate content
# Continue with setup...

Navigation

Documentation

Module Quick Access

Resources

Corporate Content Availability

This nanodegree features automatic corporate network (CN) detection that securely unlocks additional BMW-specific content when accessed from BMW corporate networks. Important: Sensitive corporate content is never stored in this public repository or exposed outside the BMW corporate network.

How Secure Content Access Works

🌐 Public Network Access:

  • Generic course materials suitable for all audiences
  • Local development environment setup guides
  • Public LLM API configuration (OpenAI, Anthropic, etc.)
  • Standard 9-session course structure per module

🏢 BMW Corporate Network Access (Secure):

  • Automatic Detection: System detects corporate network via IP ranges and internal service accessibility
  • Encrypted Content Delivery: Corporate content is encrypted and only decryptable from BMW networks
  • Enhanced Content: BMW-specific examples, configurations, and deployment guides
  • Additional Sessions: Access to Session 10 "Enterprise Integration & Production Deployment"
  • Cloud Development Environment: Pre-configured BMW Coder workspace access
  • BMW Gaia LLM API: Internal LLM service integration
  • Corporate Infrastructure: BMW-specific architecture diagrams and integration patterns

Security & Content Protection

🔒 Content Security Model:

  • No Sensitive Data in Repository: Corporate content is never stored in plaintext in this public repository
  • Encrypted Distribution: Corporate content is AES-256-GCM encrypted before inclusion in public deployments
  • Network-Based Decryption: Content can only be decrypted and viewed from BMW corporate networks
  • Automatic Fallback: Public users always see appropriate generic content without corporate details

Network Detection Indicators

When you access the course, you'll see visual indicators of your network status:

  • 🏢 BMW Corporate Network: Blue indicator shows cloud development environment is available
  • 🌐 Public Network: Green indicator shows local setup is required
  • 🔍 Detecting Network...: Orange indicator during network detection process

Repository Access Models

Public Users (Standard Access):

git clone https://github.com/fwornle/agentic-ai-nano.git
# No additional setup needed - corporate content loads automatically if on BMW network

Corporate Users (Local Development):

# Option 1: Clone with corporate submodule for local development
git clone --recurse-submodules https://github.com/fwornle/agentic-ai-nano.git

# Option 2: Add corporate submodule to existing clone
git clone https://github.com/fwornle/agentic-ai-nano.git
cd agentic-ai-nano
git submodule init && git submodule update

Corporate Content Detection Details

Network Detection Process:

  1. Hostname Detection: Checks for *.bmw.com, *.bmwgroup.com, and internal IP ranges
  2. External IP Verification: Validates against BMW IP ranges (160.46., 194.114., etc.)
  3. Internal Service Test: Tests accessibility to contenthub.bmwgroup.net
  4. Automatic Fallback: Gracefully falls back to public content if detection fails

What Corporate Users Get:

Enhanced Module Content:

  • Module 01: BMW Coder cloud environment setup and integration
  • Module 02: Corporate-specific RAG examples with internal data sources
  • Module 03: Session 10 "Enterprise Integration & Production Deployment"
    • BMW-specific infrastructure patterns
    • Corporate deployment strategies
    • Enterprise security considerations
    • Production monitoring and scaling

Corporate-Specific Features:

  • Pre-configured Development Environment: http://10.21.202.14/workspaces
  • BMW Gaia LLM API Access: Internal model endpoints and authentication
  • Corporate Architecture Diagrams: BMW-specific system integration patterns
  • Enterprise Security Examples: Corporate authentication and authorization patterns

Architecture Overview

Intelligent Content System:

  • Automatic Detection: No manual switches or configuration required
  • Secure Content Delivery: Corporate content encrypted and decrypted client-side
  • Seamless Experience: Users see appropriate content based on their network automatically
  • Graceful Degradation: Always falls back to public content to ensure accessibility

Technical Components:

  • Network Detection Engine: Multi-layer corporate network detection
  • Content Encryption System: AES-GCM encrypted corporate content for secure public deployment
  • Dynamic Content Loader: Client-side decryption and content injection
  • Navigation Intelligence: Automatic addition/removal of corporate navigation items

Content Structure

nano-degree/ (Public Repository)
├── docs-content/
│   ├── 00_intro/coder.md            # Generic setup guide (corporate content injected dynamically)
│   ├── 01_frameworks/               # Public course content
│   ├── 02_rag/                      # Public course content  
│   ├── 03_mcp-acp-a2a/             # Public course content (Session 10 added dynamically)
│   └── javascripts/
│       ├── network-detection-unified.js  # Network detection & content injection
│       └── corporate-content-loader.js   # Legacy loader (deprecated)
├── scripts/
│   ├── encrypt-corporate-content.js      # Content encryption utility
│   └── inject-corporate-content.js       # Build-time content injection
└── site/                            # Built site (contains encrypted corporate content in HTML comments)
    └── **/*.html                    # Pages with encrypted content embedded for CN decryption

corporate-only/ (Private Repository - Referenced as Submodule)
├── content.encrypted.json           # AES-256-GCM encrypted content bundle
├── 00_intro/
│   ├── coder-concise.md             # Compact BMW Coder setup guide  
│   ├── coder-detailed.md            # Detailed BMW environment setup
│   └── llmapi-detailed.md           # BMW Gaia LLM API documentation
├── 03_mcp-acp-a2a/
│   └── Session10_Enterprise_Integration_Production_Deployment.md
└── images/                          # BMW-specific diagrams (encrypted)
    ├── bmw-*.png                    # Corporate architecture diagrams
    ├── coder-*.png                  # Development environment screenshots
    └── cn-*.png                     # Corporate network diagrams

Security Note: The corporate-only/ directory is a private Git submodule. Corporate content is encrypted before being embedded in the public deployment and can only be decrypted from BMW corporate networks.

Content Publishing Workflow

For Public Deployment:

  1. Corporate content encrypted using AES-256-GCM
  2. Encrypted manifest included in public repository
  3. Network detection determines content visibility
  4. Corporate content decrypted client-side on corporate network

For Corporate Environment:

  • Direct access to unencrypted corporate content
  • Corporate cloud development environment
  • Pre-configured templates and organization-specific integrations

Development Workflow

For Corporate Content Maintainers (BMW Internal Only):

# Note: This workflow requires access to the private corporate-only repository

# 1. Update corporate content (private repository)
cd docs-content/corporate-only
# Make changes to corporate files
git add . && git commit -m "Update corporate content"
git push origin main

# 2. Encrypt for public deployment (main repository)
cd ../../
node scripts/encrypt-corporate-content.js

# 3. Deploy encrypted content
git add docs-content/corporate-only
git commit -m "Update encrypted corporate content"
git push origin main

# 4. Test from corporate network
# Access deployed site - decryption tested automatically

For Public Contributors:

# Standard contribution workflow - no access to corporate content required
git clone https://github.com/fwornle/agentic-ai-nano.git
cd agentic-ai-nano
# Make changes to public content only
git add . && git commit -m "Update public content"
git push origin main

Content Security Guidelines:

  • Corporate Content: Never include BMW-specific details in public content files
  • Generic Alternatives: Always provide generic alternatives for corporate-specific instructions
  • Conditional Content: Use automatic network detection rather than manual switches
  • Images: Corporate images are encrypted and stored separately from public repository

Security Features

  • Network-based Access Control: Content visibility based on corporate network detection
  • Encryption at Rest: Corporate content encrypted when included in public repository
  • Client-side Decryption: Secure decryption only available from corporate network
  • IP Range Validation: Multiple corporate IP range patterns for network detection
  • Automatic Content Switching: Seamless transition between corporate and public content

This system ensures corporate-specific content remains secure while allowing flexible deployment across both internal and public environments.

Certification

Module Completion: Complete all sessions, achieve 80%+ on assessments, implement practical exercises
Nanodegree Completion: Complete all 3 modules + capstone project integrating all concepts

Ready to build the future of AI agents?

🚀 Start Your Journey: Setup Cloud Workspace →

Transform your commute into productive learning time with our 🎧 Podcast Mode - perfect for hands-free learning while driving!

Reviews (0)

No results found