salvacybersec
448d1cdcd9
feat(install): add OpenCode target + InternalAllTheThings knowledge base
...
- install_opencode: deploys 29 personas as agents + 1011 skills to
~/.config/opencode/{agents,skills}/. Uses OpenCode's markdown+YAML
agent format (mode/color/permission) and SKILL.md format.
- Topic filter with sensible defaults (drops marketing/biz ~514 skills).
CLI: --opencode-topics security-offensive,coding-backend,...
- Clone of swisskyrepo/InternalAllTheThings (168 MD, 1.7MB) added to
_shared/ as a reference trove for AD attack paths, ADCS ESC1-15,
Kerberos delegation, NTLM relay/coerce, lateral movement, persistence.
- NEO redteam + VORTEX cloud-ad personas reference the new KB with
MITRE ATT&CK TTP mapping pointers.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-16 03:11:44 +03:00
salvacybersec
309e389c65
feat(install): add --install claude-skills with category filters
...
New install target copies _shared/skills/**/SKILL.md directories to
~/.claude/skills/<name>/ as native Claude Code skills, with filters to
keep the list manageable (Claude evaluates each skill description on
every message, so 800+ bulk installs slow routing).
Filters (apply to cybersecurity-domain skills only; non-cyber sources
like paperclip/community pass through):
--skill-sources comma-list of _shared/<dir> (default: skills,paperclip-skills)
--skill-subdomains SKILL.md frontmatter subdomain filter
--skill-prefix verb-prefix filter (performing,detecting,hunting,...)
--skill-exclude regex blocklist
--skill-dry-run preview
--skill-force overwrite existing
Presets (set subdomains+prefix together):
offensive red-team/pentest/web/api/IAM × performing,exploiting,testing,hunting,analyzing,scanning
defensive DFIR/IR/SOC/endpoint/malware × detecting,analyzing,hunting,implementing,building
ctiops threat-intel+hunting+malware × analyzing,hunting,detecting
minimal top 5 subdomains × top 5 verbs
all no filters
Also purges broken ~/.claude/skills/Anthropic-Cybersecurity-Skills/
(whole-repo dir from an older flow — not a valid skill).
Examples:
python3 build.py --install claude-skills --skill-preset offensive
python3 build.py --install claude-skills --skill-preset ctiops --skill-sources skills
python3 build.py --install claude-skills --skill-preset all # 754 cyber skills
python3 build.py --install claude-skills --skill-preset minimal \
--skill-sources skills,paperclip-skills,community-skills # 859 total
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-13 21:37:29 +03:00
salvacybersec
1306f422d3
fix(install_claude): emit native Claude Code agent format (.md + YAML frontmatter)
...
Previously wrote .yml files to ~/.claude/agents/ which Claude Code ignores —
only native .md with YAML frontmatter (name/description/tools/color) appears
in the subagent picker. Now 29 personas are spawnable via
Agent(subagent_type=<codename>) alongside native agents.
Also:
- Tool scoping per domain: offensive/dev get Bash+Write, intel/analysis
stay read-only (Read, Glob, Grep, WebFetch, WebSearch)
- Slash command naming normalized: /persona-neo-general.prompt
→ /persona-neo (general) + /persona-neo-redteam (variants)
- Legacy .yml agents purged on each install
- Domain-based color palette for /agents picker grouping
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-13 21:31:45 +03:00
salvacybersec
d2add20055
reorganize
2026-04-11 21:19:12 +03:00
salvacybersec
d18418548d
feat: --install claude now deploys agents to /agents menu
...
install_claude() now creates both:
- 111 slash commands in ~/.claude/commands/ (persona-neo-general etc.)
- 29 agent .yml files in ~/.claude/agents/ (visible in /agents menu)
Each agent includes Soul, Methodology, Behavior sections + mapped skills.
Agents appear alongside GSD agents in the /agents picker.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-06 22:31:50 +03:00
salvacybersec
88ef52a82d
feat: test suite + skill search + config-based mapping + custom skills
...
Test suite (personas/_tests/):
- 8 persona test files: neo, frodo, oracle, ghost, forge, sentinel, architect, scholar, gambit
- 43 test cases validating tone, keywords, escalation, confidence, language
- Run: python3 build.py --test (all) or --test neo (specific)
Skill search:
- BM25-like scoring across 795 skills with header boost
- Run: python3 build.py --search "pentest active directory"
Config-based skill mapping:
- SKILL_PERSONA_MAP moved to DEFAULT_SKILL_PERSONA_MAP
- Users can override in config.yaml via skill_persona_map: key
- load_skill_persona_map() merges defaults + user config
New Claude skills (custom for Salva's workflow):
- pentest-reporter: Turkish/English pentest report generator, Kill Chain Scanner format
- intel-briefing: IC-format intelligence products (EXEC_SUMMARY, FULL_INTEL_REPORT, JSON)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-06 22:28:17 +03:00
salvacybersec
a043f3abcc
feat: Paperclip company agents + enhanced install
...
Paperclip install now deploys 52 agents (29 persona + 23 company) + 73 skills:
- Company agents from paperclip-docs: Odin (CEO), Thor (CTO), Freya (CMO),
Frigg (COO), Heimd (PM), Bragi (Lead Dev), Vali (Backend), Vidar (Frontend),
Heimdall (DevOps), Njord (SysAdmin), Forseti (QA), Tyr (Security),
Eir (UI/UX), Kvasir (Data/ML), Loki (Social), Idunn (Content),
Mimir (Research), Saga (SEO), Baldur (Support), Hermod (HR),
Modir (Operations), Dvalin (Finance)
- Skills now include both shared-skills (42) + paperclip-skills (31) = 73
Source definitions stored at personas/_shared/paperclip-agents/
Each agent has: SOUL.md + hermes-config.yaml + AGENTS.md
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-06 21:33:27 +03:00
salvacybersec
9bbfa3092d
feat: add --install paperclip to build system
...
Generates Paperclip-compatible agent output per persona:
- agents/<codename>/SOUL.md — identity, skills, escalation, full prompt
- agents/<codename>/hermes-config.yaml — model, provider, MCP, toolsets
- agents/<codename>/AGENTS.md — workspace overview with org connections
- skills/ — 42 shared skills copied in SKILL.md + references format
Usage: python3 build.py --install paperclip
Output: generated/_paperclip/ (29 agents + 42 skills)
Full platform matrix now: claude, antigravity, gemini, openclaw, paperclip, all
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-06 21:16:45 +03:00
salvacybersec
8a0b6d7895
feat: integrate all shared libraries directly into repo
...
Shared library now lives at personas/_shared/ with full source data:
- skills/ — 42 skills from shared-skills + kali-claw (SKILL.md + references)
- paperclip-skills/ — 52 skills from paperclip-docs (ceo-advisor, coding-agent, etc.)
- design-md/ — 58 brand DESIGN.md files (Stripe, Claude, Linear, Apple, Vercel...)
- ui-ux-pro-max/ — BM25 search engine + 14 CSV data files (67 styles, 161 products)
- openclaw-personas/ — 6 original personas + SOUL.md + IDENTITY.md + TOOLS.md
- kali-tools/ — 16 Kali Linux tool reference docs
- osint-sources/ + ad-attack-tools/ — investigation references
Build system enhancements:
- Skills auto-mapped to personas via SKILL_PERSONA_MAP (domain-based)
- Each persona JSON/YAML output now includes "skills" array
- generated/_index/skills_index.json indexes all 42+52 skills + 58 brands + 14 data files
- Skills, escalation graph, and trigger index all generated per build
Sources: shared-skills (Gitea), kali-claw (Gitea), paperclip-docs (Born2beRoot),
awesome-design-md (VoltAgent), ui-ux-pro-max-skill (nextlevelbuilder)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-06 21:10:30 +03:00
salvacybersec
1a3fea615a
feat: major expansion — 3 new variants, enhanced build system, platform auto-install
...
New persona variants:
- forge/frontend-design — DESIGN.md methodology, 58-brand reference, UI/UX intelligence
- oracle/source-verification — 5-section forensic verification protocol (ethos/pathos/context/intent/logos)
- sentinel/c2-hunting — 6-phase C2 hunting with beaconing detection, detection engineering
Enhanced existing personas:
- neo: Added Active Directory exploitation (Kerberoasting, DCSync, delegation), network pivoting, cloud attacks
- frodo: Added response mode auto-detection, claim extraction, Devil's Advocate, explicit uncertainty tracking
- ghost: Added cognitive warfare expertise (behavioral science weaponization, algorithmic amplification)
Build system enhancements:
- Cross-persona escalation graph auto-extracted → generated/_index/escalation_graph.json
- Trigger→persona routing index → generated/_index/trigger_index.json
- Quality validation with warnings for thin/missing sections
- Section word counts injected into every output
- Richer CATALOG.md with depth stats, escalation paths, trigger index
Platform auto-install:
- python3 build.py --install claude — 111 slash commands → ~/.claude/commands/
- python3 build.py --install antigravity — personas → ~/.config/antigravity/personas/
- python3 build.py --install gemini — Gems → generated/_gems/
- python3 build.py --install openclaw — IDENTITY.md + personas → generated/_openclaw/
- python3 build.py --install all — deploy to all platforms
Shared reference library:
- personas/_shared/kali-tools/ — 16 Kali Linux tool reference docs
- personas/_shared/osint-sources/ — OSINT master reference
- personas/_shared/ad-attack-tools/ — AD attack chain reference
Stats: 29 personas, 111 variants, 59,712 words
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-06 21:04:47 +03:00
salvacybersec
4865ec8204
fix: rename .generated → generated for easy access
...
Hidden dot-prefix removed for ergonomic shell navigation.
Still gitignored — build output is user-specific.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-03-22 10:35:15 +03:00
salvacybersec
6601d55e59
feat: 30 new variants — deep intel/military + professional specializations
...
Intel/Military Deep (18 variants):
frodo/pakistan, india, nato-alliance, nuclear, energy-geopolitics, turkey
marshal/russian-doctrine, chinese-doctrine, turkish-doctrine, iranian-military
warden/drone-warfare, naval-warfare, electronic-warfare
centurion/ukraine-russia, ottoman-wars
wraith/case-studies (Ames, Penkovsky, Cambridge Five)
echo/electronic-order-of-battle
ghost/russian-info-war (IRA, GRU cyber, dezinformatsiya)
scribe/cold-war-ops (CIA/KGB ops, VENONA, Gladio)
Professional Specializations (12 variants):
neo/social-engineering, mobile-security
phantom/bug-bounty
specter/firmware
bastion/incident-commander
sentinel/darknet
oracle/crypto-osint
marshal/wargaming
corsair/proxy-warfare
polyglot/swahili
forge/agent-dev
Dynamic config system:
config.yaml — user-specific settings
config.example.yaml — template for new users
build.py — config-aware with {{variable}} injection + conditionals
Total: 108 prompt files, 20,717 lines, 29 personas
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-03-22 02:38:41 +03:00
salvacybersec
19ef1da170
init: project structure, templates, build system
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-03-22 00:26:28 +03:00