mirror of
https://github.com/KeygraphHQ/shannon.git
synced 2026-05-26 18:38:18 +02:00
ezl-keygraph
95998d1a44
* feat(steerability): add config-driven profile with code_path avoid enforcement * fix(steerability): write SDK deny rules once per workflow to avoid parallel-agent race * fix(steerability): reference guidance by pointer in report DROP rules * fix(steerability): tighten code_path avoid enforcement * chore(steerability): use shared ALL_VULN_CLASSES const and tighten RunScope type * fix(steerability): validate run scope before resume short-circuit * fix(steerability): emit only documented Read/Edit deny rules for code_path * fix(steerability): assemble report from analysis deliverables when exploit is disabled * feat(steerability): preflight check that code_path rules match at least one repo entry * fix(steerability): tag missing code_path entries with avoid/focus kind * revert(steerability): assemble report from analysis deliverables when exploit is disabled * feat(steerability): render per-class findings from queue JSON when exploit is disabled * refactor(steerability): trim findings renderer to common mappable rows * feat(steerability): allow report agent to rewrite category-label finding titles * docs(steerability): document new config fields in README and CLAUDE.md * docs(steerability): comment out optional config sections in examples
218 lines
7.2 KiB
JSON
218 lines
7.2 KiB
JSON
{
|
|
"$schema": "http://json-schema.org/draft-07/schema#",
|
|
"$id": "https://example.com/pentest-config-schema.json",
|
|
"title": "Penetration Testing Configuration Schema",
|
|
"description": "Schema for YAML configuration files used in the penetration testing agent",
|
|
"type": "object",
|
|
"properties": {
|
|
"authentication": {
|
|
"type": "object",
|
|
"description": "Authentication configuration for the target application",
|
|
"properties": {
|
|
"login_type": {
|
|
"type": "string",
|
|
"enum": ["form", "sso", "api", "basic"],
|
|
"description": "Type of authentication mechanism"
|
|
},
|
|
"login_url": {
|
|
"type": "string",
|
|
"format": "uri",
|
|
"description": "URL for the login page or endpoint"
|
|
},
|
|
"credentials": {
|
|
"type": "object",
|
|
"description": "Login credentials",
|
|
"properties": {
|
|
"username": {
|
|
"type": "string",
|
|
"minLength": 1,
|
|
"maxLength": 255,
|
|
"description": "Username or email for authentication"
|
|
},
|
|
"password": {
|
|
"type": "string",
|
|
"minLength": 1,
|
|
"maxLength": 255,
|
|
"description": "Password for authentication"
|
|
},
|
|
"totp_secret": {
|
|
"type": "string",
|
|
"pattern": "^[A-Za-z2-7]+=*$",
|
|
"description": "TOTP secret for two-factor authentication (Base32 encoded, case insensitive)"
|
|
}
|
|
},
|
|
"required": ["username", "password"],
|
|
"additionalProperties": false
|
|
},
|
|
"login_flow": {
|
|
"type": "array",
|
|
"description": "Step-by-step instructions for the login process",
|
|
"items": {
|
|
"type": "string",
|
|
"minLength": 1,
|
|
"maxLength": 500
|
|
},
|
|
"minItems": 1,
|
|
"maxItems": 20
|
|
},
|
|
"success_condition": {
|
|
"type": "object",
|
|
"description": "Condition that indicates successful authentication",
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"enum": ["url_contains", "element_present", "url_equals_exactly", "text_contains"],
|
|
"description": "Type of success condition to check"
|
|
},
|
|
"value": {
|
|
"type": "string",
|
|
"minLength": 1,
|
|
"maxLength": 500,
|
|
"description": "Value to match against the success condition"
|
|
}
|
|
},
|
|
"required": ["type", "value"],
|
|
"additionalProperties": false
|
|
}
|
|
},
|
|
"required": ["login_type", "login_url", "credentials", "success_condition"],
|
|
"additionalProperties": false
|
|
},
|
|
"pipeline": {
|
|
"type": "object",
|
|
"description": "Pipeline execution settings for retry behavior and concurrency",
|
|
"properties": {
|
|
"retry_preset": {
|
|
"type": "string",
|
|
"enum": ["default", "subscription"],
|
|
"description": "Retry preset. 'subscription' extends timeouts for Anthropic subscription rate limit windows (5h+)."
|
|
},
|
|
"max_concurrent_pipelines": {
|
|
"type": "string",
|
|
"pattern": "^[1-5]$",
|
|
"description": "Max concurrent vulnerability pipelines (1-5, default: 5)"
|
|
}
|
|
},
|
|
"additionalProperties": false
|
|
},
|
|
"rules": {
|
|
"type": "object",
|
|
"description": "Testing rules that define what to focus on or avoid during penetration testing",
|
|
"properties": {
|
|
"avoid": {
|
|
"type": "array",
|
|
"description": "Rules defining areas to avoid during testing",
|
|
"items": {
|
|
"$ref": "#/$defs/rule"
|
|
},
|
|
"maxItems": 50
|
|
},
|
|
"focus": {
|
|
"type": "array",
|
|
"description": "Rules defining areas to focus on during testing",
|
|
"items": {
|
|
"$ref": "#/$defs/rule"
|
|
},
|
|
"maxItems": 50
|
|
}
|
|
},
|
|
"additionalProperties": false
|
|
},
|
|
"vuln_classes": {
|
|
"type": "array",
|
|
"description": "Vulnerability classes to test. When omitted, all five classes run. When set, only listed classes run; their vuln+exploit agents and report sections are included.",
|
|
"items": {
|
|
"type": "string",
|
|
"enum": ["injection", "xss", "auth", "authz", "ssrf"]
|
|
},
|
|
"minItems": 1,
|
|
"maxItems": 5,
|
|
"uniqueItems": true
|
|
},
|
|
"exploit": {
|
|
"type": "string",
|
|
"enum": ["true", "false"],
|
|
"description": "Whether to run the exploitation phase (default true). Set false to run only analysis."
|
|
},
|
|
"report": {
|
|
"type": "object",
|
|
"description": "Report filtering and guidance applied by the report agent.",
|
|
"properties": {
|
|
"min_severity": {
|
|
"type": "string",
|
|
"enum": ["low", "medium", "high", "critical"],
|
|
"description": "Minimum severity threshold; findings below are dropped by the report agent."
|
|
},
|
|
"min_confidence": {
|
|
"type": "string",
|
|
"enum": ["low", "medium", "high"],
|
|
"description": "Minimum confidence threshold; findings below are dropped by the report agent."
|
|
},
|
|
"guidance": {
|
|
"type": "string",
|
|
"minLength": 1,
|
|
"maxLength": 500,
|
|
"description": "Free-text guidance to the report agent (e.g., 'Drop findings about missing security headers')."
|
|
}
|
|
},
|
|
"additionalProperties": false
|
|
},
|
|
"rules_of_engagement": {
|
|
"type": "string",
|
|
"minLength": 1,
|
|
"maxLength": 1000,
|
|
"description": "Free-text instructions to the agent that render into every prompt."
|
|
},
|
|
"login": {
|
|
"type": "object",
|
|
"description": "Deprecated: Use 'authentication' section instead",
|
|
"deprecated": true
|
|
},
|
|
"description": {
|
|
"type": "string",
|
|
"description": "Description of the target environment, its deployment context, and any information that helps guide the security assessment",
|
|
"minLength": 1,
|
|
"maxLength": 500,
|
|
"pattern": "\\S"
|
|
}
|
|
},
|
|
"anyOf": [
|
|
{ "required": ["authentication"] },
|
|
{ "required": ["rules"] },
|
|
{ "required": ["authentication", "rules"] },
|
|
{ "required": ["description"] },
|
|
{ "required": ["vuln_classes"] },
|
|
{ "required": ["exploit"] },
|
|
{ "required": ["report"] },
|
|
{ "required": ["rules_of_engagement"] }
|
|
],
|
|
"additionalProperties": false,
|
|
"$defs": {
|
|
"rule": {
|
|
"type": "object",
|
|
"description": "A single testing rule",
|
|
"properties": {
|
|
"description": {
|
|
"type": "string",
|
|
"minLength": 1,
|
|
"maxLength": 200,
|
|
"description": "Human-readable description of the rule"
|
|
},
|
|
"type": {
|
|
"type": "string",
|
|
"enum": ["url_path", "subdomain", "domain", "method", "header", "parameter", "code_path"],
|
|
"description": "Type of rule (what aspect of requests or source code to match against)"
|
|
},
|
|
"value": {
|
|
"type": "string",
|
|
"minLength": 1,
|
|
"maxLength": 1000,
|
|
"description": "Value to match"
|
|
}
|
|
},
|
|
"required": ["description", "type", "value"],
|
|
"additionalProperties": false
|
|
}
|
|
}
|
|
}
|