{"version":"1.0","workflow_uuid":"cf2f4bfe-7f9c-5fcb-b801-c8f8ef64d83a","workflow_title":"PentestAgent — MCP-Ready AI Pentesting Agent","recommended_install":{"schema_version":1,"status":"stage","policy":"stage_only","install_mode":"stage_only","target":"codex","command":"npx -y tokrepo@latest install cf2f4bfe-7f9c-5fcb-b801-c8f8ef64d83a --target codex","dry_run_command":"npx -y tokrepo@latest install cf2f4bfe-7f9c-5fcb-b801-c8f8ef64d83a --target codex --dry-run --json","runtime_commands":{"codex":"npx -y tokrepo@latest install cf2f4bfe-7f9c-5fcb-b801-c8f8ef64d83a --target codex","gemini":"npx -y tokrepo@latest install cf2f4bfe-7f9c-5fcb-b801-c8f8ef64d83a --target gemini","project":"npx -y tokrepo@latest install cf2f4bfe-7f9c-5fcb-b801-c8f8ef64d83a"},"prompt":"Install and make this TokRepo asset usable: \"PentestAgent — MCP-Ready AI Pentesting Agent\".\n\nPage: \nUUID: cf2f4bfe-7f9c-5fcb-b801-c8f8ef64d83a\nTarget adapter: codex\nPolicy/mode: stage_only / stage_only\n\nRead these machine-facing entry points first:\n- metadata: https://tokrepo.com/metadata/cf2f4bfe-7f9c-5fcb-b801-c8f8ef64d83a.json\n- install contract: https://tokrepo.com/install-contract/cf2f4bfe-7f9c-5fcb-b801-c8f8ef64d83a.json\n- install plan: https://api.tokrepo.com/api/v1/tokenboard/workflows/install-plan?uuid=cf2f4bfe-7f9c-5fcb-b801-c8f8ef64d83a&target=codex\n- raw content: https://tokrepo.com/raw/cf2f4bfe-7f9c-5fcb-b801-c8f8ef64d83a\n\nCommands:\n- choose the current runtime; do not use unsupported CLI targets.\n- Codex: npx -y tokrepo@latest install cf2f4bfe-7f9c-5fcb-b801-c8f8ef64d83a --target codex\n- Gemini CLI: npx -y tokrepo@latest install cf2f4bfe-7f9c-5fcb-b801-c8f8ef64d83a --target gemini\n- Claude Code / project agent: run npx -y tokrepo@latest install cf2f4bfe-7f9c-5fcb-b801-c8f8ef64d83a from the project root; add `--dry-run --json` first to inspect the plan.\n- add `--dry-run --json` to the chosen command first; after the plan allows it, run the chosen command.\n\nExecution rules:\n1. Run the install command to stage the asset safely.\n2. Read the staged README, install-plan, and entrypoint files.\n3. Activate scripts, MCP config, or global config only after user confirmation.\n4. Verify usability with the install-plan post_verify checks and the asset README.\n\nReport back with changed files, verification result, and how to use the asset next.","next_steps":["Run the install command to stage the asset safely.","Read the staged README, install-plan, and entrypoint files.","Activate scripts, MCP config, or global config only after user confirmation.","Verify usability with the install-plan post_verify checks and the asset README."],"success_check":["The asset is safely staged.","The agent can give clear activation steps from the staged content."]},"install_contract":{"version":"1.0","installReady":false,"title":"PentestAgent — MCP-Ready AI Pentesting Agent","summary":"PentestAgent is an AI pentesting agent with a TUI and optional MCP server mode, built for authorized assessments and reproducible Docker-backed tool runs.","assetType":"MCP Configs","pageUrl":"","sourceUrl":"https://github.com/GH05TCREW/pentestagent.git","intendedFor":[],"firstActions":[],"agentFirstSteps":[],"targetPaths":[],"verification":[],"startingPoints":[],"example":"","successOutcome":"","boundaries":[],"askUserIf":["the current workspace stack cannot be matched to a safe upstream template","the target path is not the project root, or an existing file should be merged instead of overwritten"]}}