feat: mount user repo as read-only with writable shannon overlay (#273)
* feat: mount user repo as read-only with deliverables bind-mount overlay
* feat: add playground and .playwright-cli overlay mounts
* feat: add filesystem context to pipeline-testing prompts
* fix: use explicit REPO_PATH in filesystem prompt for clarity
* fix: update filesystem prompts with playground notes and absolute screenshot paths
* feat: namespace writable overlays under .shannon/ to avoid polluting host repo
* refactor: rename playground to scratchpad
* fix: redirect playwright-cli output to writable .shannon/ overlay
* fix: pre-create .shannon/ overlay mount points for Linux compatibility
* fix: exclude nested node_modules and dist from Docker build context
* fix: enforce LF line endings for shell scripts on Windows
@@ -106,13 +106,13 @@ If you only confirmed a vulnerability without attempting to weaponize it, you ha
|
||||
</login_instructions>
|
||||
|
||||
<starting_context>
|
||||
- Your **actionable exploitation queue** is located at `deliverables/auth_exploitation_queue.json`. This is your to-do list, containing the precise targets identified by the analysis phase. You MUST process every vulnerability in this queue.
|
||||
- Your **actionable exploitation queue** is located at `.shannon/deliverables/auth_exploitation_queue.json`. This is your to-do list, containing the precise targets identified by the analysis phase. You MUST process every vulnerability in this queue.
|
||||
|
||||
**INTELLIGENCE GATHERING PHASE (MANDATORY):**
|
||||
Before beginning exploitation, read these strategic intelligence files in order:
|
||||
1. `deliverables/pre_recon_deliverable.md` - Architecture overview, technology stack, and authentication code locations.
|
||||
2. `deliverables/recon_deliverable.md` - Complete API inventory, user roles, and data flow maps.
|
||||
3. `deliverables/auth_analysis_deliverable.md` - Strategic context from the Auth analysis specialist, including notes on session mechanisms, password policies, and flawed logic paths.
|
||||
1. `.shannon/deliverables/pre_recon_deliverable.md` - Architecture overview, technology stack, and authentication code locations.
|
||||
2. `.shannon/deliverables/recon_deliverable.md` - Complete API inventory, user roles, and data flow maps.
|
||||
3. `.shannon/deliverables/auth_analysis_deliverable.md` - Strategic context from the Auth analysis specialist, including notes on session mechanisms, password policies, and flawed logic paths.
|
||||
|
||||
- You will manage your work using the **TodoWrite tool** to track your exploitation tasks and progress. The todo list is your private workbench for organizing and tracking all exploitation attempts.
|
||||
</starting_context>
|
||||
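Review bot: The four new `.shannon/deliverables/...` paths in `<starting_context>` are relative, so they only resolve when the agent's working directory is the repo root. The commit message says the filesystem prompt now uses an explicit REPO_PATH; consider stating the base directory once in this block too, or prefixing these paths the same way.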
@@ -122,13 +122,13 @@ Before beginning exploitation, read these strategic intelligence files in order:
|
||||
|
||||
**Phase Sequence:** VULN ANALYSIS (Complete) → **AUTH EXPLOITATION (You)** → FINAL REPORT (next phase)
|
||||
|
||||
**Your Input:** `deliverables/auth_exploitation_queue.json` (primary exploitation queue)
|
||||
**Your Output:** `deliverables/auth_exploitation_evidence.md` (exploitation evidence)
|
||||
**Your Input:** `.shannon/deliverables/auth_exploitation_queue.json` (primary exploitation queue)
|
||||
**Your Output:** `.shannon/deliverables/auth_exploitation_evidence.md` (exploitation evidence)
|
||||
|
||||
**Supporting Intelligence:**
|
||||
- `deliverables/pre_recon_deliverable.md` (architecture & code context)
|
||||
- `deliverables/recon_deliverable.md` (API inventory & user roles)
|
||||
- `deliverables/auth_analysis_deliverable.md` (strategic intel)
|
||||
- `.shannon/deliverables/pre_recon_deliverable.md` (architecture & code context)
|
||||
- `.shannon/deliverables/recon_deliverable.md` (API inventory & user roles)
|
||||
- `.shannon/deliverables/auth_analysis_deliverable.md` (strategic intel)
|
||||
|
||||
**WHAT HAPPENED BEFORE YOU:**
|
||||
- Reconnaissance agent mapped application architecture and attack surfaces
|
||||
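Review bot: The **Your Output:** line names `.shannon/deliverables/auth_exploitation_evidence.md` but does not say why the location changed. Since the repo is now mounted read-only, add a short remark that `.shannon/` is the writable overlay, so the agent does not fall back to the old `deliverables/` path when a write fails.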
@@ -189,7 +189,7 @@ Your primary goal is to achieve a definitive, evidence-backed conclusion for **e
|
||||
Your entire exploitation process will be managed through the TodoWrite tool. You MUST adhere to this process.
|
||||
|
||||
**1. Initialization:**
|
||||
- Read `deliverables/auth_exploitation_queue.json`.
|
||||
- Read `.shannon/deliverables/auth_exploitation_queue.json`.
|
||||
- Use the TodoWrite tool to create tasks for each vulnerability in the queue.
|
||||
- Each task should include the vulnerability ID and the hypothesis to test.
|
||||
Example tasks:
|
||||
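Review bot: The first Initialization bullet (Read `.shannon/deliverables/auth_exploitation_queue.json`) has no instruction for the case where the file is missing or empty at the new location. With the queue now on an overlay mount, a one-line fallback (report the missing input and stop rather than creating tasks from nothing) would make a mount problem visible early.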
@@ -315,7 +315,7 @@ When your attack plan is fully explored (all checkboxes are marked `[x]`), your
|
||||
First, synthesize all evidence into your specialist section and save it using the save-deliverable CLI with --type AUTH_EVIDENCE. This section will be combined with other specialist reports to form the complete security assessment.
|
||||
|
||||
**Section Ordering & Format Requirements:**
|
||||
- Use the exact vulnerability IDs from `deliverables/auth_exploitation_queue.json`
|
||||
- Use the exact vulnerability IDs from `.shannon/deliverables/auth_exploitation_queue.json`
|
||||
- Within "Successfully Exploited" section: Order by severity of impact (most critical first)
|
||||
- Within "Confirmed Vulnerabilities (Attempted Exploitation)" section: Order by severity (most critical first)
|
||||
- Within "Potential" section: Order by confidence level (highest confidence first)
|
||||
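Review bot: The context sentence above the changed bullet still says to save via the save-deliverable CLI with `--type AUTH_EVIDENCE` without naming a file, while the bullet below now points at `.shannon/deliverables/`. Name the evidence file path in that sentence as well, so the two instructions stay in step the next time the directory moves.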
@@ -407,13 +407,13 @@ COMPLETION REQUIREMENTS (ALL must be satisfied):
|
||||
1. Plan Completion: ALL tasks in your todo list must be marked as completed using the TodoWrite tool.
|
||||
2. Deliverable Generation: The required deliverable must be successfully saved using the save-deliverable CLI:
|
||||
- **CHUNKED WRITING (MANDATORY):**
|
||||
1. Use the **Write** tool to create `deliverables/auth_exploitation_evidence.md` with the title and first major section
|
||||
1. Use the **Write** tool to create `.shannon/deliverables/auth_exploitation_evidence.md` with the title and first major section
|
||||
2. Use the **Edit** tool to append each remaining section — match the last few lines of the file, then replace with those lines plus the new section content
|
||||
3. Repeat step 2 for all remaining sections
|
||||
4. Run `save-deliverable` with `--type AUTH_EVIDENCE --file-path "deliverables/auth_exploitation_evidence.md"`
|
||||
4. Run `save-deliverable` with `--type AUTH_EVIDENCE --file-path ".shannon/deliverables/auth_exploitation_evidence.md"`
|
||||
**WARNING:** Do NOT write the entire report in a single tool call — exceeds 32K output token limit. Split into multiple Write/Edit operations.
|
||||
|
||||
CRITICAL WARNING: Announcing completion before every item in deliverables/auth_exploitation_queue.json has been pursued to a final, evidence-backed conclusion will be considered a mission failure.
|
||||
CRITICAL WARNING: Announcing completion before every item in .shannon/deliverables/auth_exploitation_queue.json has been pursued to a final, evidence-backed conclusion will be considered a mission failure.
|
||||
|
||||
ONLY AFTER fulfilling these exhaustive requirements, announce "AUTH EXPLOITATION COMPLETE" and stop.
|
||||
|
||||
|
||||
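Review bot: In the CRITICAL WARNING line the path `.shannon/deliverables/auth_exploitation_queue.json` is written without backticks, unlike the other occurrences in this diff, and with its new leading dot it is easy to misread as sentence punctuation. Wrap it in backticks, and confirm that the relative `--file-path` in step 4 resolves from the directory `save-deliverable` runs in.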