From b2308617b87e7c9c0693bdd722ab14cb30cf1182 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=85=AC=E6=98=8E?= <83812544+Ed1s0nZ@users.noreply.github.com>
Date: Tue, 26 May 2026 17:54:11 +0800
Subject: [PATCH] Add files via upload
---
 internal/app/project_fact_tools.go | 42 ++++++++++++++-----
 .../multiagent/orchestrator_instruction.go | 7 +++-
 2 files changed, 36 insertions(+), 13 deletions(-)
diff --git a/internal/app/project_fact_tools.go b/internal/app/project_fact_tools.go
index efef739d..3a2a5229 100644
--- a/internal/app/project_fact_tools.go
+++ b/internal/app/project_fact_tools.go
@@ -10,6 +10,7 @@ import (
 "cyberstrike-ai/internal/database"
 "cyberstrike-ai/internal/mcp"
 "cyberstrike-ai/internal/mcp/builtin"
+ "cyberstrike-ai/internal/project"
 "go.uber.org/zap"
 )
@@ -46,27 +47,32 @@ func registerProjectFactTools(mcpServer *mcp.Server, db *database.DB, cfg *confi
 }
 upsertTool := mcp.Tool{
- Name: builtin.ToolUpsertProjectFact,
- Description: "写入或更新项目黑板事实。用于记录环境认知、目标信息、认证特征等(非正式漏洞条目)。同 fact_key 会覆盖更新。需要当前对话已绑定项目。",
- ShortDescription: "写入/更新项目事实",
+ Name: builtin.ToolUpsertProjectFact,
+ Description: "写入或更新项目黑板事实,用于跨会话沉淀可复现上下文(非正式漏洞条目;可交付漏洞另用 record_vulnerability)。" +
+ "禁止仅写结论:summary 须含什么+在哪+如何验证;body 须含攻击链/请求响应/命令等复现细节。" +
+ "发现类建议 fact_key 为 finding|chain|exploit|poc/,category 对应 finding|chain|exploit|poc,body 按攻击链模板填写。" +
+ "环境类用 target|auth|infra|business/。同 fact_key 覆盖更新。需当前对话已绑定项目。",
+ ShortDescription: "写入/更新项目事实(含攻击链 body)",
 InputSchema: map[string]interface{}{
 "type": "object",
 "properties": map[string]interface{}{
 "fact_key": map[string]interface{}{
 "type": "string",
- "description": "项目内唯一 key,建议格式 category/slug,如 target/primary_domain",
+ "description": "项目内唯一 key:target/primary_domain、finding/sqli-login、exploit/upload-rce 等",
 },
 "category": map[string]interface{}{
 "type": "string",
- "description": "分类:target、auth、infra、business、note 等",
+ "description": "target | auth | infra | business | finding | chain | exploit | poc | note",
+ "enum": []string{"target", "auth", "infra", "business", "finding", "chain", "exploit", "poc", "note"},
 },
 "summary": map[string]interface{}{
 "type": "string",
- "description": "单行摘要(会注入到后续对话索引)",
+ "description": "索引用一行:结论 + 位置 + 触发/验证要点(勿仅写「存在 XSS」等空话)",
 },
 "body": map[string]interface{}{
- "type": "string",
- "description": "完整详情(POC、长文本等,仅 get_project_fact 返回)",
+ "type": "string",
+ "description": "完整可复现详情(仅 get_project_fact 返回):须含攻击链步骤、原始 HTTP/命令、响应现象、证据与关联。" +
+ "发现/利用类必填;环境类建议含来源证据。攻击链类可参考模板章节:结论、目标与入口、攻击链、Exploit/POC、关键证据、关联、备注",
 },
 "confidence": map[string]interface{}{
 "type": "string",
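Review bot: The new `body` description requires raw HTTP requests, commands and responses but never tells the writer to mask credentials, so session cookies, bearer tokens and passwords captured during testing would be stored on the project blackboard and returned by `get_project_fact` in later sessions. I would add a sentence to the `body` description such as `凭据、Cookie、Token 等敏感值须脱敏后再写入`, and repeat it where the orchestrator prompts in `orchestrator_instruction.go` (hunks `@@ -108,7 +109,9 @@` and `@@ -206,7 +209,7 @@`) ask for a complete chain and POC. Separately, the `enum` on `category` is only a schema hint: the handler is outside this hunk, so confirm it rejects values outside the list instead of relying on the caller to honour the schema. The `upsertTool` literal continues past the end of the hunk.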
@@ -116,7 +122,11 @@ func registerProjectFactTools(mcpServer *mcp.Server, db *database.DB, cfg *confi
 if err != nil {
 return textResult("错误: "+err.Error(), true), nil
 }
- return textResult(fmt.Sprintf("事实已保存。\nfact_key: %s\nid: %s\nconfidence: %s", created.FactKey, created.ID, created.Confidence), false), nil
+ msg := fmt.Sprintf("事实已保存。\nfact_key: %s\nid: %s\nconfidence: %s", created.FactKey, created.ID, created.Confidence)
+ if warn := project.SparseBodyWarningIfNeeded(f.Category, f.FactKey, f.Body); warn != "" {
+ msg += warn
+ }
+ return textResult(msg, false), nil
 })
 getTool := mcp.Tool{
@@ -144,8 +154,18 @@ func registerProjectFactTools(mcpServer *mcp.Server, db *database.DB, cfg *confi
 if err != nil {
 return textResult("错误: "+err.Error(), true), nil
 }
- msg := fmt.Sprintf("fact_key: %s\ncategory: %s\nconfidence: %s\nsummary: %s\nupdated_at: %s\n\n--- body ---\n%s",
- f.FactKey, f.Category, f.Confidence, f.Summary, f.UpdatedAt.Format("2006-01-02 15:04:05"), f.Body)
+ msg := fmt.Sprintf("fact_key: %s\ncategory: %s\nconfidence: %s\nsummary: %s\nupdated_at: %s",
+ f.FactKey, f.Category, f.Confidence, f.Summary, f.UpdatedAt.Format("2006-01-02 15:04:05"))
+ if f.RelatedVulnerabilityID != "" {
+ msg += fmt.Sprintf("\nrelated_vulnerability_id: %s", f.RelatedVulnerabilityID)
+ }
+ if f.SourceConversationID != "" {
+ msg += fmt.Sprintf("\nsource_conversation_id: %s", f.SourceConversationID)
+ }
+ msg += "\n\n--- body ---\n" + f.Body
+ if warn := project.SparseBodyWarningIfNeeded(f.Category, f.FactKey, f.Body); warn != "" {
+ msg += warn
+ }
 return textResult(msg, false), nil
 })
diff --git a/internal/multiagent/orchestrator_instruction.go b/internal/multiagent/orchestrator_instruction.go
index c5bf840e..e7755fef 100644
--- a/internal/multiagent/orchestrator_instruction.go
+++ b/internal/multiagent/orchestrator_instruction.go
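Review bot: In the upsert handler (`@@ -116,7 +122,11 @@`) the sparse-body check reads `f.Category`, `f.FactKey` and `f.Body` while the rest of the message reports `created`, so the warning describes the request rather than the stored record. The store call is outside the hunk, but if it normalises the key or keeps an existing body on update, the two can disagree. Assuming `created` is the same record type that the get handler reads, `project.SparseBodyWarningIfNeeded(created.Category, created.FactKey, created.Body)` ties the warning to what was saved. `msg += warn` also depends on the helper supplying its own leading newline, which deserves a comment such as `// warn carries its own leading newline`.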
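Review bot: In the get handler (`@@ -144,8 +154,18 @@`) the sparse-body warning is appended after `--- body ---` and the stored body, so a reader of the tool result cannot tell the tool's own advice from stored content. The body is free text written in an earlier session and may quote responses from the system under test, so everything after the delimiter should be treated as data; moving the `if warn := …` block above `msg += "\n\n--- body ---\n" + f.Body` keeps that boundary. `f.Summary` and the two ID fields are also interpolated verbatim into the header lines, so a value containing a line break can imitate another header line; formatting them with `%q` or stripping line breaks would prevent that.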
@@ -6,6 +6,7 @@ import (
 "cyberstrike-ai/internal/agents"
 "cyberstrike-ai/internal/config"
 "cyberstrike-ai/internal/mcp/builtin"
+ "cyberstrike-ai/internal/project"
 )
 // DefaultPlanExecuteOrchestratorInstruction 当未配置 plan_execute 专用 Markdown / YAML 时的内置主代理(规划/重规划侧)提示。
@@ -108,7 +109,9 @@ func DefaultPlanExecuteOrchestratorInstruction() string {
 ## 项目黑板(事实)与漏洞记录(分离)
-绑定项目时会自动注入黑板索引(fact_key + 摘要)。**摘要不足必须 ` + builtin.ToolGetProjectFact + `(fact_key) 取 body,禁止臆造。** 环境认知用 ` + builtin.ToolUpsertProjectFact + `(key 如 target/primary_domain);正式漏洞用 ` + builtin.ToolRecordVulnerability + `(记前可先 ` + builtin.ToolListVulnerabilities + ` 防重复,详情用 ` + builtin.ToolGetVulnerability + `);二者可各记一次。误报用 ` + builtin.ToolDeprecateProjectFact + `。漏洞查询默认仅当前项目(未绑项目则仅当前会话)。
+绑定项目时会自动注入黑板索引(fact_key + 摘要)。**摘要不足必须 ` + builtin.ToolGetProjectFact + `(fact_key) 取 body,禁止臆造。** 环境认知用 ` + builtin.ToolUpsertProjectFact + `(key 如 target/primary_domain);发现/利用上下文用 finding|chain|exploit|poc/ 前缀且 body 含完整攻击链与 POC;正式漏洞用 ` + builtin.ToolRecordVulnerability + `(记前可先 ` + builtin.ToolListVulnerabilities + ` 防重复,详情用 ` + builtin.ToolGetVulnerability + `);二者可各记一次。误报用 ` + builtin.ToolDeprecateProjectFact + `。漏洞查询默认仅当前项目(未绑项目则仅当前会话)。
+
+` + project.FactRecordingGuidanceBlock() + `
 严重程度:critical / high / medium / low / info。证明须含足够证据。
@@ -206,7 +209,7 @@ func DefaultSupervisorOrchestratorInstruction() string {
 - **委派优先**:可独立封装、需要专项上下文的子目标(枚举、验证、归纳、报告素材)优先 transfer 给匹配子代理,并在委派说明中写清:子目标、约束、期望交付物结构、证据要求。
 - **亲自执行**:仅当无合适专家、需全局衔接或子代理结果不足时,由你直接调用工具。
 - **汇总**:子代理输出是证据来源;你要对齐矛盾、补全上下文,给出统一结论与可复现验证步骤,避免机械拼接。
-- **事实与漏洞**:环境认知用 ` + builtin.ToolUpsertProjectFact + `;正式漏洞用 ` + builtin.ToolRecordVulnerability + `,查询用 ` + builtin.ToolListVulnerabilities + ` / ` + builtin.ToolGetVulnerability + `;索引摘要不足时必须 ` + builtin.ToolGetProjectFact + ` 取详情。
+- **事实与漏洞**:环境认知用 ` + builtin.ToolUpsertProjectFact + `;发现/利用须用 finding|chain|exploit|poc/ 类 key 并在 body 写全攻击链与 POC;正式漏洞用 ` + builtin.ToolRecordVulnerability + `,查询用 ` + builtin.ToolListVulnerabilities + ` / ` + builtin.ToolGetVulnerability + `;索引摘要不足时必须 ` + builtin.ToolGetProjectFact + ` 取详情。
 ## transfer 交接与防重复劳动
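Review bot: Only `DefaultPlanExecuteOrchestratorInstruction` receives `project.FactRecordingGuidanceBlock()` (hunk `@@ -108,7 +109,9 @@`); the supervisor prompt changed here gets a one-sentence summary, so the two orchestrators carry different recording rules for the same tool. If the supervisor is meant to follow the same body template, concatenate `project.FactRecordingGuidanceBlock()` into this raw string the way the plan-execute prompt does; if the omission is deliberate, a short comment saying why would help. The prefix list `finding|chain|exploit|poc/` is also typed by hand here, in the plan-execute prompt and in the tool description, next to the `enum` in `project_fact_tools.go`, so a new category has to be added in four places; generating that text from one list in the `project` package would avoid drift. The function body starts and ends outside the hunk.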