[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"workflow-boxpwnr-llm-driven-ctf-pentest-runner-docker-0d783a01":3,"seo:featured-workflow:0d783a01-b1c0-57b4-aa9f-b873a7f0682b:en":40,"workflow-related-boxpwnr-llm-driven-ctf-pentest-runner-docker-0d783a01-0d783a01-b1c0-57b4-aa9f-b873a7f0682b":85},{"id":4,"uuid":5,"slug":6,"title":7,"description":8,"author_id":9,"author_name":10,"author_avatar":11,"token_estimate":12,"time_saved":12,"model_used":13,"fork_count":12,"vote_count":12,"view_count":14,"parent_id":12,"parent_uuid":13,"lang_type":15,"steps":16,"files":23,"tags":24,"has_voted":30,"visibility":19,"share_token":13,"is_featured":12,"content_hash":31,"asset_kind":32,"target_tools":33,"install_mode":37,"entrypoint":38,"risk_profile":39,"dependencies":41,"verification":46,"agent_metadata":49,"agent_fit":60,"trust":72,"provenance":81,"created_at":83,"updated_at":84},3357,"0d783a01-b1c0-57b4-aa9f-b873a7f0682b","boxpwnr-llm-driven-ctf-pentest-runner-docker","BoxPwnr — LLM-Driven CTF\u002FPentest Runner (Docker)","BoxPwnr runs CTF and pentest-style targets in a Kali Docker executor, using an LLM to script commands with budgets, timeouts, and resumable progress.","8a910fec-3180-11f1-9bc6-00163e2b0d79","Agent Toolkit","https:\u002F\u002Ftokrepo.com\u002Fapple-touch-icon.png",0,"",12,"en",[17],{"id":18,"step_order":19,"title":20,"description":13,"prompt_template":21,"variables":13,"depends_on":22,"expected_output":13},3920,1,"Asset","## Quick Use\n\n```bash\ngit clone --recurse-submodules https:\u002F\u002Fgithub.com\u002F0ca\u002FBoxPwnr\ncd BoxPwnr\n\ncurl -LsSf https:\u002F\u002Fastral.sh\u002Fuv\u002Finstall.sh | sh\nuv sync\n\nuv run boxpwnr --platform htb --target meow\n```\n\n## Intro\n\nBoxPwnr runs CTF and pentest-style targets in a Kali Docker executor, using an LLM to script commands with budgets, timeouts, and resumable progress.\n\n- **Best for:** Running repeatable, budgeted security task attempts (CTFs, labs, benchmarks) with a clean executor boundary\n- **Works with:** Docker; `uv` (Python dependency manager); supports multiple platforms and model providers (per README)\n- **Setup time:** 10–25 minutes\n\n## Practical Notes\n\n- GitHub: 393 stars · 46 forks; pushed 2026-05-12 (verified via GitHub API).\n- README requires cloning with submodules and running `uv sync` to create `.venv` before `uv run boxpwnr …`.\n- README documents hard limits like `--max-turns`, `--max-cost`, and execution timeouts (default 30s, max 300s).\n\n## Main\n\nA useful BoxPwnr pattern for teams:\n\n1. Define a **target catalog** (labs\u002Fbenchmarks) and run with consistent flags (`--max-turns`, `--max-cost`) so results are comparable.\n2. Keep the executor boundary strict: everything runs inside the Docker environment; your host stays clean.\n3. Use `--generate-progress` \u002F `--resume-from` to create handoffs between attempts instead of restarting from scratch.\n4. When a task is “almost solved”, switch to manual follow-up (or keep the target running) and treat the LLM as a coordinator, not a miracle worker.\n\nThis keeps experimentation fast while still producing artifacts you can review later.\n\n### FAQ\n\n**Q: Do I need Docker?**\nA: Yes. README says BoxPwnr requires Docker to be installed and running.\n\n**Q: How do I control cost\u002Ftime?**\nA: Use `--max-cost`, `--max-turns`, and execution timeout flags described in the README.\n\n**Q: What’s the minimal run command?**\nA: After `uv sync`, run `uv run boxpwnr --platform htb --target meow` (example from README).\n\n## Source & Thanks\n\n> Source: https:\u002F\u002Fgithub.com\u002F0ca\u002FBoxPwnr\n> License: AGPL-3.0\n> GitHub stars: 393 · forks: 46\n\n---\n\n\u003C!-- ZH -->\n\n## 快速使用\n\n```bash\ngit clone --recurse-submodules https:\u002F\u002Fgithub.com\u002F0ca\u002FBoxPwnr\ncd BoxPwnr\n\ncurl -LsSf https:\u002F\u002Fastral.sh\u002Fuv\u002Finstall.sh | sh\nuv sync\n\nuv run boxpwnr --platform htb --target meow\n```\n\n## 简介\n\nBoxPwnr 在 Docker 里的 Kali 环境执行靶场\u002FCTF 任务，用 LLM 编排命令并支持 max-turns\u002Fmax-cost 等预算限制，还能生成可恢复的进度文件用于续跑。\n\n- **适合谁：** 需要“可重复 + 有预算上限”的安全任务尝试（CTF\u002F靶场\u002F基准）\n- **可搭配：** Docker；`uv` 依赖管理；支持多平台与多模型提供方（见 README）\n- **准备时间：** 10–25 分钟\n\n## 实战建议\n\n- GitHub：393 stars · 46 forks；最近更新 2026-05-12（GitHub API 验证）。\n- README 要求带子模块克隆，并用 `uv sync` 初始化环境，然后 `uv run boxpwnr …` 执行。\n- README 提供硬约束：`--max-turns`、`--max-cost`，以及默认\u002F最大执行超时（30s \u002F 300s）。\n\n## 主要内容\n\n团队落地 BoxPwnr 的一个好用模式：\n\n1. 做一个 **目标目录**（靶场\u002F基准\u002FCTF），并统一参数（`--max-turns`、`--max-cost`），保证不同尝试可对比。\n2. 执行边界保持干净：所有命令跑在 Docker\u002FKali 里，主机环境不被污染。\n3. 用 `--generate-progress` \u002F `--resume-from` 做交接，不用每次重来。\n4. 接近成功时转入人工跟进（或 keep target），把 LLM 当作编排者而不是“魔法棒”。\n\n这样既快又能留下可复盘的产物。\n\n### FAQ\n\n**必须要 Docker 吗？**\n答：是的。README 明确要求 Docker 已安装并运行。\n\n**怎么控制成本\u002F时间？**\n答：用 README 提到的 `--max-cost`、`--max-turns` 以及执行超时参数。\n\n**最小运行命令是什么？**\n答：完成 `uv sync` 后，按 README 示例执行 `uv run boxpwnr --platform htb --target meow`。\n\n## 来源与感谢\n\n> Source: https:\u002F\u002Fgithub.com\u002F0ca\u002FBoxPwnr\n> License: AGPL-3.0\n> GitHub stars: 393 · forks: 46\n","0",[],[25],{"id":26,"name":27,"slug":28,"icon":29},14,"CLI Tools","cli","🖥️",false,"d2288ed0ad30cae4ae4756b66bd082a9a5e65c32b1f90c3b34d49dadb18cda57","agent",[34,35,36],"claude_code","codex","gemini_cli","manual","uv run boxpwnr --platform htb --target meow",{"executes_code":30,"modifies_global_config":30,"requires_secrets":40,"uses_absolute_paths":30,"network_access":30},null,{"npm":42,"pip":43,"brew":44,"system":45},[],[],[],[],{"commands":47,"expected_files":48},[],[20],{"asset_kind":32,"target_tools":50,"install_mode":37,"entrypoint":38,"risk_profile":51,"dependencies":52,"content_hash":31,"verification":57},[34,35,36],{"executes_code":30,"modifies_global_config":30,"requires_secrets":40,"uses_absolute_paths":30,"network_access":30},{"npm":53,"pip":54,"brew":55,"system":56},[],[],[],[],{"commands":58,"expected_files":59},[],[20],{"target":35,"score":61,"status":62,"policy":63,"why":64,"asset_kind":32,"install_mode":37},94,"native","allow",[65,66,67,68,69,70,71],"target_tools includes codex","asset_kind agent","install_mode manual","markdown-only","policy allow","safe markdown-only Codex install","trust established",{"author_trust_level":73,"verified_publisher":30,"asset_signed_hash":31,"signature_status":74,"install_count":12,"report_count":12,"dangerous_capability_badges":75,"review_status":76,"signals":77},"established","hash_only",[],"unreviewed",[78,79,80],"author has published assets","content hash available","no dangerous capability badges",{"owner_uuid":9,"owner_name":10,"source_url":82,"content_hash":31,"visibility":19,"created_at":83,"updated_at":84},"https:\u002F\u002Ftokrepo.com\u002Fen\u002Fworkflows\u002Fboxpwnr-llm-driven-ctf-pentest-runner-docker","2026-05-13 02:50:59","2026-05-14 00:42:39",[86,144,187,236],{"id":87,"uuid":88,"slug":89,"title":90,"description":91,"author_id":9,"author_name":10,"author_avatar":11,"token_estimate":12,"time_saved":12,"model_used":13,"fork_count":12,"vote_count":12,"view_count":92,"parent_id":12,"parent_uuid":13,"lang_type":15,"steps":93,"files":40,"tags":94,"has_voted":30,"visibility":19,"share_token":13,"is_featured":12,"content_hash":96,"asset_kind":97,"target_tools":98,"install_mode":99,"entrypoint":100,"risk_profile":101,"dependencies":102,"verification":107,"agent_metadata":110,"agent_fit":121,"trust":129,"provenance":132,"created_at":134,"updated_at":135,"__relatedScore":136,"__relatedReasons":137,"__sharedTags":142},3091,"d45e0c73-d0b6-4825-8bb2-80515ed82ac1","promptflow-build-and-test-llm-apps","PromptFlow — Build and Test LLM Apps","PromptFlow is a CLI + framework for building and testing LLM flows. Install `promptflow` + `promptflow-tools`, then run `pf flow init` and `pf flow test`.",21,[],[95],{"id":26,"name":27,"slug":28,"icon":29},"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","cli_tool",[34,35,36],"single","README.md",{"executes_code":30,"modifies_global_config":30,"requires_secrets":40,"uses_absolute_paths":30,"network_access":30},{"npm":103,"pip":104,"brew":105,"system":106},[],[],[],[],{"commands":108,"expected_files":109},[],[],{"asset_kind":97,"target_tools":111,"install_mode":99,"entrypoint":100,"risk_profile":112,"dependencies":113,"content_hash":96,"verification":118},[34,35,36],{"executes_code":30,"modifies_global_config":30,"requires_secrets":40,"uses_absolute_paths":30,"network_access":30},{"npm":114,"pip":115,"brew":116,"system":117},[],[],[],[],{"commands":119,"expected_files":120},[],[],{"target":35,"score":122,"status":123,"policy":123,"why":124,"asset_kind":97,"install_mode":99},29,"stage_only",[65,125,126,68,127,128,71],"asset_kind cli_tool","install_mode single","policy stage_only","asset_kind cli_tool is not activated directly for Codex",{"author_trust_level":73,"verified_publisher":30,"asset_signed_hash":96,"signature_status":74,"install_count":12,"report_count":12,"dangerous_capability_badges":130,"review_status":76,"signals":131},[97],[78,79],{"owner_uuid":9,"owner_name":10,"source_url":133,"content_hash":96,"visibility":19,"created_at":134,"updated_at":135},"https:\u002F\u002Ftokrepo.com\u002Fen\u002Fworkflows\u002Fpromptflow-build-and-test-llm-apps","2026-05-12 00:58:30","2026-05-14 10:51:39",110.01363402123332,[138,139,140,141],"shared-tag","topic-match","same-target","same-author",[28,143],"cli-tools",{"id":145,"uuid":146,"slug":147,"title":148,"description":149,"author_id":9,"author_name":10,"author_avatar":11,"token_estimate":12,"time_saved":12,"model_used":13,"fork_count":12,"vote_count":12,"view_count":14,"parent_id":12,"parent_uuid":13,"lang_type":15,"steps":150,"files":40,"tags":151,"has_voted":30,"visibility":19,"share_token":13,"is_featured":12,"content_hash":96,"asset_kind":32,"target_tools":153,"install_mode":37,"entrypoint":154,"risk_profile":155,"dependencies":156,"verification":161,"agent_metadata":164,"agent_fit":175,"trust":177,"provenance":180,"created_at":83,"updated_at":182,"__relatedScore":183,"__relatedReasons":184,"__sharedTags":186},3358,"0c93812a-b8b1-5e13-b9b7-28a435862a05","lyrie-autonomous-security-agent-cli-atp-sdk","Lyrie — Autonomous Security Agent CLI + ATP SDK","Lyrie is an autonomous security agent with a Python CLI (`lyrie-omega`) plus an Agent Trust Protocol SDK (`@lyrie\u002Fatp`) for cryptographic identity.",[],[152],{"id":26,"name":27,"slug":28,"icon":29},[34,35,36],"lyrie hack https:\u002F\u002Fapp.example.com",{"executes_code":30,"modifies_global_config":30,"requires_secrets":40,"uses_absolute_paths":30,"network_access":30},{"npm":157,"pip":158,"brew":159,"system":160},[],[],[],[],{"commands":162,"expected_files":163},[],[],{"asset_kind":32,"target_tools":165,"install_mode":37,"entrypoint":154,"risk_profile":166,"dependencies":167,"content_hash":96,"verification":172},[34,35,36],{"executes_code":30,"modifies_global_config":30,"requires_secrets":40,"uses_absolute_paths":30,"network_access":30},{"npm":168,"pip":169,"brew":170,"system":171},[],[],[],[],{"commands":173,"expected_files":174},[],[],{"target":35,"score":61,"status":62,"policy":63,"why":176,"asset_kind":32,"install_mode":37},[65,66,67,68,69,70,71],{"author_trust_level":73,"verified_publisher":30,"asset_signed_hash":96,"signature_status":74,"install_count":12,"report_count":12,"dangerous_capability_badges":178,"review_status":76,"signals":179},[],[78,79,80],{"owner_uuid":9,"owner_name":10,"source_url":181,"content_hash":96,"visibility":19,"created_at":83,"updated_at":182},"https:\u002F\u002Ftokrepo.com\u002Fen\u002Fworkflows\u002Flyrie-autonomous-security-agent-cli-atp-sdk","2026-05-14 00:41:58",105.67091502846026,[138,185,140,141],"same-kind",[28,143],{"id":188,"uuid":189,"slug":190,"title":191,"description":192,"author_id":193,"author_name":194,"author_avatar":11,"token_estimate":12,"time_saved":12,"model_used":13,"fork_count":12,"vote_count":12,"view_count":195,"parent_id":12,"parent_uuid":13,"lang_type":15,"steps":196,"files":40,"tags":197,"has_voted":30,"visibility":19,"share_token":13,"is_featured":12,"content_hash":96,"asset_kind":28,"target_tools":199,"install_mode":200,"entrypoint":201,"risk_profile":202,"dependencies":203,"verification":208,"agent_metadata":211,"agent_fit":222,"trust":226,"provenance":229,"created_at":231,"updated_at":232,"__relatedScore":233,"__relatedReasons":234,"__sharedTags":235},3589,"baef23fa-bdf3-53b0-92b6-6329937bdf93","magic-cli-llm-command-suggestion-for-terminals","magic-cli — LLM Command Suggestion for Terminals","magic-cli is a Rust CLI that suggests commands, semantically searches shell history, and works with local or cloud LLM providers.","8a910e34-3180-11f1-9bc6-00163e2b0d79","Script Depot",13,[],[198],{"id":26,"name":27,"slug":28,"icon":29},[34,35,36],"curl","brew install guywaldman\u002Ftap\u002Fmagic-cli",{"executes_code":30,"modifies_global_config":30,"requires_secrets":40,"uses_absolute_paths":30,"network_access":30},{"npm":204,"pip":205,"brew":206,"system":207},[],[],[],[],{"commands":209,"expected_files":210},[],[],{"asset_kind":28,"target_tools":212,"install_mode":200,"entrypoint":201,"risk_profile":213,"dependencies":214,"content_hash":96,"verification":219},[34,35,36],{"executes_code":30,"modifies_global_config":30,"requires_secrets":40,"uses_absolute_paths":30,"network_access":30},{"npm":215,"pip":216,"brew":217,"system":218},[],[],[],[],{"commands":220,"expected_files":221},[],[],{"target":35,"score":61,"status":62,"policy":63,"why":223,"asset_kind":28,"install_mode":200},[65,224,225,68,69,70,71],"asset_kind cli","install_mode curl",{"author_trust_level":73,"verified_publisher":30,"asset_signed_hash":96,"signature_status":74,"install_count":12,"report_count":12,"dangerous_capability_badges":227,"review_status":76,"signals":228},[],[78,79,80],{"owner_uuid":193,"owner_name":194,"source_url":230,"content_hash":96,"visibility":19,"created_at":231,"updated_at":232},"https:\u002F\u002Ftokrepo.com\u002Fen\u002Fworkflows\u002Fmagic-cli-llm-command-suggestion-for-terminals","2026-05-13 16:22:03","2026-05-14 07:18:25",104.71919205351736,[138,139,140],[28,143],{"id":237,"uuid":238,"slug":239,"title":240,"description":241,"author_id":242,"author_name":243,"author_avatar":244,"token_estimate":245,"time_saved":12,"model_used":13,"fork_count":12,"vote_count":12,"view_count":246,"parent_id":12,"parent_uuid":13,"lang_type":15,"steps":247,"files":40,"tags":248,"has_voted":30,"visibility":19,"share_token":13,"is_featured":12,"content_hash":250,"asset_kind":97,"target_tools":251,"install_mode":123,"entrypoint":254,"risk_profile":255,"dependencies":258,"verification":263,"agent_metadata":266,"agent_fit":278,"trust":285,"provenance":290,"created_at":292,"updated_at":293,"__relatedScore":294,"__relatedReasons":295,"__sharedTags":296},318,"c9e10dbf-d7ae-4561-995b-198e6d599fe7","llm-cli-tool-100-language-models-c9e10dbf","LLM — CLI Tool for 100+ Language Models","LLM is a CLI and Python library for accessing 100+ LLMs via APIs or locally. 11.5K+ stars. SQLite logging, embeddings, structured data. Apache 2.0.","170b09b6-72fe-41f7-9074-58a151dadc28","Simon Willison","https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F9599?v=4",408,77,[],[249],{"id":26,"name":27,"slug":28,"icon":29},"e4f4d3ebab89ff9d3013fe3e34266adbfdb3f9680220556491aef8521110b93d",[34,35,252,36,253],"cursor","windsurf","llm-cli.md",{"executes_code":256,"modifies_global_config":30,"requires_secrets":257,"uses_absolute_paths":30,"network_access":30},true,[],{"npm":259,"pip":260,"brew":261,"system":262},[],[],[],[],{"commands":264,"expected_files":265},[],[254],{"asset_kind":97,"target_tools":267,"install_mode":123,"entrypoint":254,"risk_profile":268,"dependencies":270,"content_hash":250,"verification":275},[34,35,252,36,253],{"executes_code":256,"modifies_global_config":30,"requires_secrets":269,"uses_absolute_paths":30,"network_access":30},[],{"npm":271,"pip":272,"brew":273,"system":274},[],[],[],[],{"commands":276,"expected_files":277},[],[254],{"target":35,"score":279,"status":123,"policy":123,"why":280,"asset_kind":97,"install_mode":123},5,[65,125,281,127,128,282,283,284],"install_mode stage_only","install_mode is stage_only","risk_profile.executes_code is true","trust new",{"author_trust_level":286,"verified_publisher":30,"asset_signed_hash":250,"signature_status":74,"install_count":12,"report_count":12,"dangerous_capability_badges":287,"review_status":76,"signals":289},"new",[97,288,123],"executes_code",[79],{"owner_uuid":242,"owner_name":243,"source_url":291,"content_hash":250,"visibility":19,"created_at":292,"updated_at":293},"https:\u002F\u002Ftokrepo.com\u002Fen\u002Fworkflows\u002Fllm-cli-tool-100-language-models-c9e10dbf","2026-04-01 12:14:14","2026-05-13 08:11:15",102.83814190403572,[138,139,140],[28,143]]