mythic-c2-readonly

Dreadnode Capabilities

This is the source repo for the capabilities Dreadnode publishes to app.dreadnode.io. A capability is a directory — a manifest plus any combination of agents, tools, skills, and MCP servers — that a Dreadnode runtime picks up and loads:

ai-red-teaming/
  capability.yaml     # manifest
  agents/             # markdown prompts
  tools/              # python @tool functions
  skills/             # SKILL.md packs

Install one

• Published — dn capability install dreadnode/ai-red-teaming (swap in any name from capabilities/)
• From source — dn capability install ./capabilities/ai-red-teaming symlinks the directory into your runtime, so edits go live on reload
• From the TUI — start dn, press Ctrl+P, filter for dreadnode/

dn is the Dreadnode CLI — see getting-started to install and authenticate. Full install reference for capabilities lives at docs.dreadnode.io/capabilities/installing.

Build your own

Every directory under capabilities/ is a shipped, working example. Read one alongside the docs:

• Concepts and load model
• Manifest reference
• Quickstart — scaffold to running in the TUI in about ten minutes

Security scanning

Every skill in this repo is scanned with cisco-ai-defense/skill-scanner for prompt injection, data exfiltration, tool-chaining abuse, and supply chain risk. CI fails on HIGH+ findings and uploads SARIF reports to GitHub Code Scanning. The repo policy in scan-policy.yaml tunes the scanner for security-focused content.

just security-scan                    # scan all capabilities
just security-scan web-security       # scan one capability
just security-scan behavioral="true"  # deep dataflow analysis

Contributing

This repo is published for reference, not as a contribution target — we don't generally accept external PRs that add new capabilities. See CONTRIBUTING.md for what's useful to send and how to build your own capabilities instead.

License

Each capability declares its license in its capability.yaml.