feat(airt): auth-setup-guide skill — authenticate target/attacker/judge from any environment (1.6.8)#80
Merged
Merged
Conversation
…entials (1.6.8) Guides the agent to authenticate all three model roles from the user's own environment before an assessment, across clouds and auth mechanisms: - Target A1 — litellm-routed models (preferred): provider→model-string→env-var table covering OpenAI/Anthropic/Gemini/Groq/Mistral/Together plus Azure OpenAI, Azure AI Foundry, AWS Bedrock, Google Vertex, Ollama, and dn/ proxy. - Target A2 — custom HTTP endpoints via custom_url + custom_auth_type (none/bearer/ api_key) + request template + JSONPath response. - Target A3 — SigV4 / Azure managed identity / GCP ADC / Nova Sonic S2S via the SDK build_target escape hatch, with per-mode prerequisites. - Attacker & judge auth (litellm pattern; vision/audio judge for media-output scoring). - Local env vars vs Dreadnode-hosted platform secrets. Reinforces the standing rules: credentials only by env-var name (never inline), and no safety reasoning on the goal. Referenced from the agent's lazy-load skill list.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds a new
auth-setup-guideskill that guides the agent (and user) through authenticating all three model roles — target, attacker, and judge — from the user's own environment, across clouds and auth mechanisms. Closes the gap where users could not easily tell how to probe a model deployed in their Azure / AWS / GCP account or behind a custom endpoint.target_modelstring → env-var table covering OpenAI, Anthropic, Gemini, Groq, Mistral, Together, Azure OpenAI, Azure AI Foundry, AWS Bedrock, Google Vertex AI, Ollama, and thedn/proxy. This is how Azure Foundry OpenAI deployments and Vertex models are probed with the standard tools — just env vars, no custom code.custom_url+custom_auth_type(none/bearer/api_key) + request template + JSONPath response.azure_ad), GCP ADC (gcp), and Amazon Nova Sonic speech-to-speech viadreadnode.airt.build_target/nova_sonic_target, each with its prerequisites. (The TUI tools cover key/bearer today; this points power users to the SDK for the rest.)dn/models as the easy default; vision/audio judge required for media-output scoring.Reinforces the standing rules: credentials only ever referenced by env-var name, never inlined, and the agent applies no safety reasoning to the goal — the skill only configures auth. Referenced from the agent's lazy-load skill list. Bumps capability to 1.6.8.
This complements dreadnode-tiger #1907 (the SDK
build_targetuniversal-target factory), which is what A3 leans on.Test plan
allowed-toolslists only real tools (generate_attack,generate_multimodal_attack,generate_agentic_attack,generate_category_attack)skills/incapability.yaml; referenced in agent md