The Intelligence & Optimization Release — Hardened Autonomous AI Security Agent
| Feature | Description |
|---|---|
| 🏭 Mandatory Sandbox | All commands execute inside Docker. No host fallback. |
| 🔐 Read-Only Root | Container filesystem is read-only (except workspace). |
| 🛡️ Multi-Layer Injection Detection | 4-layer risk analysis for prompt injection. |
| 🚫 Exfiltration Pre-Scan | Prevents data exfiltration before command execution. |
| 🎭 Finding Validation | Automatic hallucination detection for security findings. |
| 📊 Fuzzy Knowledge | Robust technology extraction with fuzzy matching. |
Memory: 512MB Limit
CPU: 0.5 Cores
Filesystem: Read-only (except /root/workspace)
Capability: NET_RAW only (NET_ADMIN removed)
Network: Bridge isolated
| Feature | Description |
|---|---|
| 🌫️ Tabula Rasa | No hardcoded tool registries. The AI is the master of its own technical stack. |
| 🔍 Path Discovery | Dynamically scans $PATH to reveal 2000+ available system tools instantly. |
| 🎯 Auto-Provisioning | Autonomous installation of apt, pip, git, or source tools based on target discovery. |
| 🐚 Stateful Heart | Long-running bash sessions that survive restarts. Arsenal building lives on. |
| 🛡️ AST Guardrails | Advanced Python AST and shell analysis to keep the host system safe while allowing tactical freedom. |
- Docker installed and running
- Python 3.11+ (via UV)
# Using the installed script (recommended)
vibehack
# Or directly with UV
cd /home/rasyiqi/Project/VibeHack
uv run vibehack
# With target
vibehack --target http://localhost:3000
# Health check
vibehack check# Install via UV (recommended)
uv pip install -e .
# Or manual
cp /home/rasyiqi/.local/bin/vibehack /home/rasyiqi/.local/bin/vibehack.new
chmod +x /home/rasyiqi/.local/bin/vibehack.new# Start interactive REPL
vibehack
# Quick audit with target
vibehack --target http://192.168.1.100
# Resume previous session
vibehack resume <session-id>
# Generate report
vibehack report <session-id>
# Health check & tool discovery
vibehack check| Variable | Default | Description |
|---|---|---|
VH_SANDBOX |
false |
Enable sandbox mode (true to enable) |
VH_PROVIDER |
openrouter |
LLM provider |
VH_API_KEY |
- | API key |
VH_MODEL |
google/gemini-2.0-flash-exp:free |
Model to use |
VH_MAX_TURNS |
20 |
Conversation history limit |
VH_TRUNCATE_LIMIT |
4000 |
Output truncation limit |
- v4.0: Stateful Engine — Persistent Shell & Memory.
- v4.2: Intelligence & Optimization — Security hardening, injection detection, hallucination validation.
- v4.5: Evidence Capture — Screenshot & media analysis for reporting.
- v5.0: Swarm Intelligence — Multi-target collaborative auditing.
- Sandbox Required: Set
VH_SANDBOX=truein.envfor hardened execution. - Authorized Testing Only: Use only on systems you own or have explicit authorization.
- Docker Needed: The sandbox requires Docker to be installed and running.
Built by CredibleMark. Authorized Testing Only.
Empowering the next generation of offensive AI security.