{"id":28667880,"url":"https://github.com/dreadnode/example-agents","last_synced_at":"2025-06-13T16:11:16.610Z","repository":{"id":287452272,"uuid":"964095699","full_name":"dreadnode/example-agents","owner":"dreadnode","description":"Example agents for the Dreadnode platform","archived":false,"fork":false,"pushed_at":"2025-05-06T20:13:22.000Z","size":11659,"stargazers_count":3,"open_issues_count":2,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-05-06T21:25:59.863Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dreadnode.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-04-10T17:22:00.000Z","updated_at":"2025-05-06T20:13:22.000Z","dependencies_parsed_at":"2025-04-11T20:32:46.439Z","dependency_job_id":"34883613-8632-4467-b15e-0e89ee4f59d4","html_url":"https://github.com/dreadnode/example-agents","commit_stats":null,"previous_names":["dreadnode/example-agents"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/dreadnode/example-agents","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dreadnode%2Fexample-agents","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dreadnode%2Fexample-agents/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dreadnode%2Fexample-agents/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dreadnode%2Fexample-agents/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dreadnode","download_url":"https://codeload.github.com/dreadnode/example-agents/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dreadnode%2Fexample-agents/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":259677364,"owners_count":22894678,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-06-13T16:11:15.546Z","updated_at":"2025-06-13T16:11:16.561Z","avatar_url":"https://github.com/dreadnode.png","language":"PHP","readme":"# Example Agents\n\nThis repo contains a variety of example agents to use with the Dreadnode platform.\n\n## Setup\n\nAll examples share the same project and dependencies, you setup the virtual environment with uv:\n\n```bash\nuv sync\n```\n\n## Python Agent\n\nA basic agent with access to a dockerized Jupyter kernel to execute code safely.\n\n```bash\nuv run -m python_agent --help\n```\n\n- Provided a task (`--task`), begin a generation loop with access to the Jupyter kernel\n- The work directory (`--work-dir`) is mounted into the container, along with any other docker-style volumes (`--volumes`)\n- When finished, the agent markes the task as complete with a status and summary\n- The work directory is logged as an artifact for the run\n\n## Dangerous Capabilities\n\nBased on [research](https://deepmind.google/research/publications/78150/) from Google DeepMind,\nthis agent works to solve a variety of CTF challenges given access to execute bash commands on\na network-local Kali linux container.\n\n```bash\nuv run -m dangerous_capabilities --help\n```\n\nThe harness will automatically build all the containers with the supplied flag, and load them\nas needed to ensure they are network-isolated from each other. The process is generally:\n\n1. For each challenge, produce P agent tasks where P = parallelism\n2. For all agent tasks, run them in parallel capped at your concurrency setting\n3. Inside each task, bring up the associated environment\n4. Continue requesting the next command from the inference model - execute it in the `env` container\n5. If the flag is ever observed in the output, exit\n6. Otherwise run until an error, give up, or max-steps is reached\n\nCheck out [./dangerous_capabilities/challenges/challenges.json](./dangerous_capabilities/challenges/challenges.json)\nto see all the environments and prompts.\n\n## Dotnet Reversing\n\nThis agent is provided access to Cecil and ILSpy for use in reversing\nand analyzing Dotnet managed binaries for vulnerabilities.\n\n```bash\nuv run -m dotnet_reversing --help\n```\n\nYou can provide a path containing binaries (recursively), and a target vulnerability term\nthat you would like the agent to search for. The tool suite provided to the agent includes:\n\n- Search for a term in target modules to identify functions of interest\n- Decompile individual methods, types, or entire modules\n- Collect all call flows which lead to a target method in all supplied binaries\n- Report a vulnerability finding with associated path, method, and description\n- Mark a task as complete with a summary\n- Give up on a task with a reason\n\nYou can also specify the path as a Nuget package identifier and pass `--nuget` to the agent. It\nwill download the package, extract the binaries, and run the same analysis as above.\n\n```bash\n# Local\nuv run -m dotnet_reversing --model \u003cmodel\u003e --path /path/to/local/binaries\n\n# Nuget\nuv run -m dotnet_reversing --model \u003cmodel\u003e --path \u003cnuget-package-id\u003e --nuget\n```\n\n## Sensitive Data Extraction\n\nThis agent is provided access to a filsystem tool based on [fsspec](https://filesystem-spec.readthedocs.io/en/latest/)\nfor use in extracting sensitive data stored in files.\n\n```bash\nuv run -m sensitive_data_extraction --help\n```\n\nThe agent is granted some maximum step count to operate tools, query and search files, and provide\nreports of any sensitive data it finds. With the help of `fsspec`, the agent can operate on\nlocal files, Github repos, S3 buckets, and other cloud storage systems.\n\n```bash\n# Local\nuv run -m sensitive_data_extraction --model \u003cmodel\u003e --path /path/to/local/files\n\n# S3\nuv run -m sensitive_data_extraction --model \u003cmodel\u003e --path s3://bucket\n\n# Azure\nuv run -m sensitive_data_extraction --model \u003cmodel\u003e --path azure://container\n\n# GCS\nuv run -m sensitive_data_extraction --model \u003cmodel\u003e --path gcs://bucket\n\n# Github\nuv run -m sensitive_data_extraction --model \u003cmodel\u003e --path github://owner:repo@/\n```\n\nCheck out the their docs for more options:\n- https://filesystem-spec.readthedocs.io/en/latest/api.html#built-in-implementations\n- https://filesystem-spec.readthedocs.io/en/latest/api.html#other-known-implementations\n\n## SAST Vulnerability Scanning\n\nThis agent is designed to perform static code analysis to identify security vulnerabilities in source code. It uses a combination of direct file access and container-based approaches to analyze code for common security issues.\n\n```bash\nuv run -m sast_scanning --help\n```\n\nThe agent systematically examines codebases using either direct file access or an isolated container environment. It can:\n\n- Execute targeted analysis commands to search through source files\n- Report detailed findings with vulnerability location, type, and severity\n- Support various programming languages through configurable extensions\n- Operate in two modes: \"direct\" (filesystem access) or \"container\" (isolated analysis)\n- Challenges and vulnerability patterns are defined in YAML configuration files, allowing for flexible targeting of specific security issues across different codebases.\n\n### Metrics and Scoring\n\nThe agent tracks several key metrics to evaluate performance:\n\n- **valid_findings**: Count of correctly identified vulnerabilities matching expected issues\n- **raw_findings**: Total number of potential vulnerabilities reported by the model\n- **coverage**: Percentage of known vulnerabilities successfully identified\n- **duplicates**: Count of repeatedly reported vulnerabilities\n\nFindings are scored using a weighted system that prioritizes matching the correct vulnerability name (3x), function (2x), and line location (1x) to balance semantic accuracy with positional precision.\n\n```bash\n# Run in direct mode (default)\nuv run -m sast_scanning --model \u003cmodel\u003e --mode direct\n\n# Run in container mode (isolated environment)\nuv run -m sast_scanning --model \u003cmodel\u003e --mode container\n\n# Run a specific challenge\nuv run -m sast_scanning --model \u003cmodel\u003e --mode container --challenge \u003cchallenge-name\u003e\n\n# Customize analysis parameters\nuv run -m sast_scanning --model \u003cmodel\u003e --max-steps 50 --timeout 60\n```","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdreadnode%2Fexample-agents","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdreadnode%2Fexample-agents","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdreadnode%2Fexample-agents/lists"}