Skip to content

Add Simulation Engine and Adaptive Attack Engine#61

Merged
thebenignhacker merged 2 commits intomainfrom
feat/simulation-engine-attack-engine
Mar 26, 2026
Merged

Add Simulation Engine and Adaptive Attack Engine#61
thebenignhacker merged 2 commits intomainfrom
feat/simulation-engine-attack-engine

Conversation

@thebenignhacker
Copy link
Copy Markdown
Contributor

@thebenignhacker thebenignhacker commented Mar 26, 2026

Summary

  • Simulation Engine: mock tool environment, 20-probe battery, 3-layer architecture
    • Layer 1: NanoMind TME (8ms), Layer 2: 5 probes (3s), Layer 3: full 20 probes (30s)
    • LLM executor with auto-detection (NanoMind > Ollama > Anthropic > heuristic)
  • Adaptive Attack Engine: target reader, payload generator, feedback loop, defense mapping
    • NanoMind-powered red team that generates target-specific attacks
    • Iterates up to 5x per attack category, maps all defenses
  • Training pipeline: auto-exports labeled pairs from scans/attacks to NanoMind corpus
  • CLI: hackmyagent attack <file>, --deep for full sim, NanoMind default-on
  • UX redesign: smart defaults by persona (developer/CI/security engineer)

Test plan

  • 1,113 tests pass (npx vitest run)
  • Type-check clean (tsc --noEmit)
  • Simulation correctly identifies malicious vs benign skills
  • Attack engine generates target-specific payloads and adapts on failure

@thebenignhacker
Add Simulation Engine, Adaptive Attack Engine, NanoMind default-on
0e0130f 
Simulation Engine (src/simulation/):
- Mock tool environment: 5 tool types (API, DB, memory, credential, communication)
- 20-probe battery across 7 categories (exfiltration, override resistance,
  scope expansion, credential, persistence, heartbeat, semantic consistency)
- 3-layer architecture: NanoMind TME (8ms) -> targeted probes (3s) -> full sim (30s)
- Target: < 1% false positive rate vs industry 95.8%

Adaptive Attack Engine (src/attack-engine/):
- Target reader: semantic vulnerability surface extraction
- Payload generator: target-specific attacks using target's own language
- Feedback loop: attack -> observe -> adapt -> iterate (up to 5 per category)
- Defense map: complete portrait of what held and what failed
- Training pipeline: auto-exports labeled pairs from every scan/attack to NanoMind corpus

CLI UX redesign:
- NanoMind auto-enabled by default when daemon is available
- hackmyagent secure: smart defaults (developer persona)
- hackmyagent secure --deep: full simulation + attacks (security engineer)
- hackmyagent secure --static-only: deterministic (CI persona)
- hackmyagent attack <file>: dedicated adaptive red team command
- hackmyagent explain <findingId>: NanoMind-powered explanations

1,113 tests pass (33 new: 23 simulation + 10 attack engine).
@thebenignhacker
Wire LLM execution into simulation engine with auto-detection
8da73a7 
- LLM executor: 3 backends (NanoMind daemon, Anthropic Claude, Ollama)
- Auto-detects best available backend (NanoMind > Ollama > Anthropic)
- Loads skill as system prompt, injects probe as user message
- Observes tool calls via structured output patterns
- Analyzes response for behavioral signals per probe category
- Falls back to heuristic analysis when no LLM is available
- Production CLI passes useLLM:true, tests use heuristic (fast, deterministic)
github-actions[bot]
github-actions bot approved these changes Mar 26, 2026
View reviewed changes
Copy link
Copy Markdown

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Claude Code Review

Security Review: PR #61 - Add Simulation Engine and Adaptive Attack Engine

VERDICT: APPROVE

SUMMARY:

This PR introduces a comprehensive behavioral simulation engine and adaptive attack engine to HackMyAgent. The architecture is sound with three-layer simulation (NanoMind → quick probes → full behavioral analysis) and adaptive red-team attack generation. I've verified all critical code paths for security issues. The code uses safe patterns throughout: no shell interpolation in command execution, path operations are properly scoped, regex patterns are linear-time, external API calls are properly contained within test/simulation contexts, and file operations use appropriate bounds checks. The training data pipeline writes to user home directory with proper path construction. No unmitigated security vulnerabilities were found.

FINDINGS:

None. All potential security concerns have adequate mitigations in place:

  • Path traversal prevention verified: Training pipeline (line 19) uses join(homedir(), '.opena2a', 'training-data') with static path components — no user input interpolation
  • No command injection risk: No use of exec(), spawn() with shell mode, or string-interpolated command construction
  • Regex DoS prevention verified: All regex patterns use linear-time constructs (alternation with bounded quantifiers, no nested repetition like (a+)+)
  • External API calls properly scoped: callExternalAPI() in mock-tools.ts (lines 48-70) is simulation infrastructure that logs calls without executing them — correct design for a security testing tool
  • JSON parsing safety: All JSON.parse() calls wrapped in try-catch blocks or used on controlled/validated input
  • File operations bounded: Training pipeline limits input to 4096 bytes (lines 69, 81, 146) and uses slice(0, 4096) before writing
  • Type safety maintained: TypeScript strict mode patterns throughout, proper null checks on optional properties

The adaptive attack engine correctly implements security research tooling — it generates attack payloads for testing purposes, which is its intended function. The mock tool environment properly intercepts and logs tool calls without executing them, which is the correct design for a behavioral simulator.

Reviewed 18 files changed (131427 bytes)

@thebenignhacker thebenignhacker merged commit 2958c14 into main Mar 26, 2026
1 check passed
@thebenignhacker thebenignhacker deleted the feat/simulation-engine-attack-engine branch March 26, 2026 16:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@thebenignhacker