https://github.com/dreadnode/capabilities
Public source of the Dreadnode capabilities in app.dreadnode.io — agents, tools, skills, MCP servers, and workers.
https://github.com/dreadnode/capabilities
agents ai-agents capabilities dreadnode mcp security skills
Last synced: 25 days ago
JSON representation
Public source of the Dreadnode capabilities in app.dreadnode.io — agents, tools, skills, MCP servers, and workers.
- Host: GitHub
- URL: https://github.com/dreadnode/capabilities
- Owner: dreadnode
- Created: 2026-05-04T19:02:23.000Z (about 2 months ago)
- Default Branch: main
- Last Pushed: 2026-05-22T20:20:14.000Z (27 days ago)
- Last Synced: 2026-05-22T22:26:22.326Z (27 days ago)
- Topics: agents, ai-agents, capabilities, dreadnode, mcp, security, skills
- Language: Python
- Homepage: https://app.dreadnode.io/capabilities
- Size: 9.47 MB
- Stars: 2
- Watchers: 0
- Forks: 1
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- Agents: AGENTS.md
Awesome Lists containing this project
README
Dreadnode Capabilities
This is the source repo for the capabilities Dreadnode publishes to [app.dreadnode.io](https://app.dreadnode.io). A capability is a directory — a manifest plus any combination of agents, tools, skills, and MCP servers — that a Dreadnode runtime picks up and loads:
```text
ai-red-teaming/
capability.yaml # manifest
agents/ # markdown prompts
tools/ # python @tool functions
skills/ # SKILL.md packs
```
## Install one
- **Published** — `dn capability install dreadnode/ai-red-teaming` (swap in any name from `capabilities/`)
- **From source** — `dn capability install ./capabilities/ai-red-teaming` symlinks the directory into your runtime, so edits go live on reload
- **From the TUI** — start `dn`, press `Ctrl+P`, filter for `dreadnode/`
`dn` is the Dreadnode CLI — see [getting-started](https://docs.dreadnode.io/getting-started/quickstart/) to install and authenticate. Full install reference for capabilities lives at [docs.dreadnode.io/capabilities/installing](https://docs.dreadnode.io/capabilities/installing/).
## Build your own
Every directory under `capabilities/` is a shipped, working example. Read one alongside the docs:
- [Concepts and load model](https://docs.dreadnode.io/capabilities/overview/)
- [Manifest reference](https://docs.dreadnode.io/capabilities/manifest/)
- [Quickstart](https://docs.dreadnode.io/capabilities/quickstart/) — scaffold to running in the TUI in about ten minutes
## Security scanning
Every skill in this repo is scanned with [cisco-ai-defense/skill-scanner](https://github.com/cisco-ai-defense/skill-scanner) for prompt injection, data exfiltration, tool-chaining abuse, and supply chain risk. CI fails on HIGH+ findings and uploads SARIF reports to GitHub Code Scanning. The repo policy in [`scan-policy.yaml`](scan-policy.yaml) tunes the scanner for security-focused content.
```bash
just security-scan # scan all capabilities
just security-scan web-security # scan one capability
just security-scan behavioral="true" # deep dataflow analysis
```
## Contributing
This repo is published for reference, not as a contribution target — we don't generally accept external PRs that add new capabilities. See [CONTRIBUTING.md](CONTRIBUTING.md) for what's useful to send and how to build your own capabilities instead.
## License
Each capability declares its license in its `capability.yaml`.