AI-assisted security and pentest terminal tool.
Sentinel is a modular terminal tool that combines an AI-powered assistant with structured security testing capabilities. It supports autonomous pentest campaigns with persistent state, multi-phase workflows, and evidence-backed reporting.
./sentinel # Interactive session
./sentinel --help # Show available options
./sentinel --pentest # Start a pentest campaign session
./sentinel -p "your prompt" # Single prompt mode- Provider system — Pluggable AI backend support (Z.ai, Anthropic-compatible)
- Pentest campaigns — Autonomous multi-phase security assessments
- Structured persistence — JSONL-based campaign state that survives interruptions
- Capability packs — Modular security testing coverage (web, API, cloud, network)
- Tool ecosystem — Built-in tools for file editing, code search, web fetching, and more
Launch a security assessment with natural language:
./sentinel --pentest
> Run a passive security audit on example.comThe AI operator will:
- Initialize a campaign with scope and objectives
- Advance through phases (recon, enumeration, testing, reporting)
- Record operations, assets, observations, hypotheses, and findings
- Generate a final report with evidence-backed findings
Campaign data is persisted under .sentinel-home/runs/.
./sentinelRequires Bun runtime.
| Category | Technology |
|---|---|
| Runtime | Bun |
| Language | TypeScript (strict) |
| Terminal UI | React + Ink |
| CLI Parsing | Commander.js |
| Schema Validation | Zod v4 |
| Protocols | MCP SDK, LSP |
This project is for educational and security research purposes.