mitkox/tnt

TNT Threat Navigation Toolkit

TNT Threat Navigation Toolkit is a generic, defensive, Mythos-inspired repository review toolkit built around:

  • Pi for operator workflows
  • RLM for recursive code exploration
  • one discovery model for Roadrunner
  • one triage model for Coyote

It is designed for maintainers and internal security teams reviewing source trees. It does not generate exploit payloads or automate unpublished vulnerability discovery.

Scope

Supported:

  • repository ranking and focused source review
  • maintainer-grade triage
  • machine-readable JSON and Markdown reporting
  • optional replay of already-public cases using checked-in manifests

Not supported:

  • weaponization
  • shellcode or payload generation
  • autonomous discovery or disclosure of unpublished vulnerabilities

Recommended Model Pair

Recommended defaults:

  • Roadrunner: Qwen3.5-27B
  • Coyote: GLM-5.1

Why this split:

  • Roadrunner benefits from strong code-following and tool-using behavior during recursive search.
  • Coyote benefits from deliberate reasoning for deduplication, severity, and disposition.

Everything is configurable through environment variables and CLI flags.

Important:

  • ROADRUNNER_MODEL and COYOTE_MODEL must match the model id exposed by your local OpenAI-compatible server.
  • If your local server exposes an alias such as mitko, use that alias in the harness configuration even if the underlying weights are Qwen or GLM.

Layout

  • python/: scanner, ranking, report writer, optional public-case verifier
  • node/: Pi extension, commands, tool wrappers, local provider registration
  • public-cases/: optional manifests for already-public advisories or fixes
  • scripts/: bootstrap helpers and non-interactive verifier
  • .pi/: project-local Pi extension and skill

Environment

Defaults:

  • ROADRUNNER_ENDPOINT=http://127.0.0.1:8000/v1
  • ROADRUNNER_MODEL=Qwen3.5-27B
  • COYOTE_ENDPOINT=http://127.0.0.1:8001/v1
  • COYOTE_MODEL=GLM-5.1

Optional:

  • HARNESS_RUNTIME_ROOT=/path/to/runtime
  • OPENAI_API_KEY=local

You can start from .env.example.

To inspect what your local endpoints actually expose, run:

./scripts/check-local-endpoints.sh

By default, runtime artifacts are written under:

  • <target-repo>/.security-harness/

Setup

Python:

cd python
uv sync

Node:

cd node
PATH="$(../scripts/ensure-node20.sh --print-bin):$PATH"
npm install

Pi Usage

If you want Pi to operate directly inside a target repository, symlink this repo's .pi/ directory into that target repository:

ln -s /path/to/rlm-defense-harness/.pi /path/to/target-repo/.pi

Then start Pi from the target repository root:

cd /path/to/target-repo
PATH="$("/path/to/rlm-defense-harness/scripts/ensure-node20.sh" --print-bin):$PATH"
npx @mariozechner/pi-coding-agent

Or use the helper:

cd /path/to/target-repo
/path/to/rlm-defense-harness/scripts/run-pi.sh

The helper bootstraps Node 20 and launches Pi, but Pi still needs .pi/ in the target repository to discover the extension and skill.

The harness slash commands themselves do not require a Claude API key. They call the configured local endpoints directly.

Available Pi commands:

  • /security-scan current
  • /security-scan current <focus-path> [more focus paths...] [--file-budget N] [--rlm-timeout SEC] [--local-repl]
  • /security-scan public-case <case-id>
  • /security-status
  • /coyote-triage <report.json|basename|run-id>

Examples:

/security-scan current
/security-scan current src/network
/security-scan current src/network/parser.c --file-budget 1 --rlm-timeout 45
/coyote-triage scan-abc123

CLI Usage

Rank files:

uv run --directory python security-harness rank-files --repo-root /path/to/target-repo

Run a scan:

uv run --directory python security-harness --json scan \
  --repo-root /path/to/target-repo \
  --mode current \
  --file-budget 20 \
  --roadrunner-endpoint "$ROADRUNNER_ENDPOINT" \
  --roadrunner-model "$ROADRUNNER_MODEL"

Verify an already-public case:

uv run --directory python security-harness --json verify-public-case \
  --repo-root /path/to/target-repo \
  --case-id my-public-case

One-Shot Verification

Use the non-interactive verifier when you want a single PASS or FAIL summary:

./scripts/verify-harness.sh --repo-root /path/to/target-repo

Common options:

./scripts/verify-harness.sh \
  --repo-root /path/to/target-repo \
  --focus-path src/network \
  --file-budget 10 \
  --rlm-timeout 45

./scripts/verify-harness.sh \
  --repo-root /path/to/target-repo \
  --case-id published-parser-fix

The verifier performs:

  1. Roadrunner endpoint preflight
  2. Coyote endpoint preflight
  3. current-tree scan on the selected target repository
  4. Coyote triage on the resulting report
  5. optional public-case replay when --case-id is supplied
  6. optional historical-tree scan when --historical-repo-root is supplied

Reports

Each run writes:

  • JSON report
  • Markdown report

Important fields:

  • request.focus_paths
  • candidates
  • triaged_findings
  • scan_failures
  • token_usage.roadrunner
  • report_paths

Interpretation:

  • candidates = 0 and scan_failures > 0: Roadrunner did not complete cleanly
  • candidates = 0 and scan_failures = 0 with non-empty token_usage.roadrunner: Roadrunner ran but found nothing
  • triaged_findings > 0: Coyote ran and wrote decisions
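
The interpretation rules above as a small report classifier, added here as an example and not part of the TNT code base. It assumes candidates, triaged_findings and scan_failures are lists or integer counts and token_usage.roadrunner is an object; the state names, the gate helper, and the extra "candidates-untriaged" and "inconclusive" states are this example's own.

```python
import json

# Constructed sample report; the inner keys ("path", "total_tokens") are
# placeholders, only the top-level field names come from the README.
SAMPLE_REPORT = json.loads("""
{
  "request": {"focus_paths": ["src/network"]},
  "candidates": [],
  "triaged_findings": [],
  "scan_failures": [{"path": "src/network/parser.c"}],
  "token_usage": {"roadrunner": {"total_tokens": 5120}}
}
""")


def _count(value):
    """Accept a list/dict of items or a plain integer count (assumed shapes)."""
    if isinstance(value, (list, dict)):
        return len(value)
    return int(value or 0)


def classify_run(report):
    """Map a report to one state; state names are this example's own."""
    candidates = _count(report.get("candidates"))
    triaged = _count(report.get("triaged_findings"))
    failures = _count(report.get("scan_failures"))
    roadrunner_ran = bool((report.get("token_usage") or {}).get("roadrunner"))

    if triaged > 0:
        return "triaged"                # Coyote ran and wrote decisions
    if candidates > 0:
        return "candidates-untriaged"   # findings exist, no Coyote decisions yet
    if failures > 0:
        return "roadrunner-incomplete"  # zero candidates is not a clean result
    if roadrunner_ran:
        return "clean"                  # Roadrunner ran but found nothing
    return "inconclusive"               # no failures, but no evidence it ran


def gate(report):
    """True only when an empty result can be trusted as 'nothing found'."""
    return classify_run(report) == "clean"


if __name__ == "__main__":
    print(classify_run(SAMPLE_REPORT), gate(SAMPLE_REPORT))
```

The "inconclusive" state covers a report with no candidates, no failures and empty token usage, which the three rules above do not address and which should not be read as a clean scan.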

Public Cases

public-cases/ is optional. Only add manifests for already-public fixes or advisories.

Start from:

  • public-cases/example-public-case.template.json

Development

Python tests:

cd python
uv run pytest -q

Node tests:

cd node
PATH="$(../scripts/ensure-node20.sh --print-bin):$PATH"
npm test
