Skip to content

feat: thread attack objective, judge hint, and business use case through sdk, cli, and mcp#193

Merged
jithin23-kv merged 3 commits into
KeyValueSoftwareSystems:masterfrom
jithin23-kv:feat/attack-objective-sdk-mcp
Jul 14, 2026
Merged

feat: thread attack objective, judge hint, and business use case through sdk, cli, and mcp#193
jithin23-kv merged 3 commits into
KeyValueSoftwareSystems:masterfrom
jithin23-kv:feat/attack-objective-sdk-mcp

Conversation

@jithin23-kv

@jithin23-kv jithin23-kv commented Jul 13, 2026

Copy link
Copy Markdown
Collaborator

Problem

There was no way to steer every evaluator's attacks toward a specific free-text
mission, bias the judge's verdict, or give the attacker business/domain context —
each evaluator just pursued its own generic goal with no operator input. opfor hunt already had --objective for its autonomous mode, and the browser
extension's "Advanced" panel exposed three operator-intent fields (Attack
objective, Custom evaluator hint, Business use case), but the evaluator-based
opfor run path had no equivalent on any other surface (CLI, SDK, or MCP).

Solution

Added attackObjective, judgeHint, and businessUseCase end-to-end across all
three ways of driving opfor run:

  • Core: RunConfig.attackObjective / .judgeHint / .businessUseCase
    (schema + type), applied onto every generated agent attack in
    runEvaluatorAttacks, and threaded into generateAttacks() so comprehensive
    mode's turn-1 seed prompt sees them too (not just adaptive mode's follow-up
    turns). judgeHint is combined with each attack's existing evaluator-authored
    hint rather than overwriting it.
  • CLI: opfor run --objective <text> / --objective-file <path>,
    --judge-hint <text> / --judge-hint-file <path>, --business-use-case <text>
    / --business-use-case-file <path>.
  • SDK: RunOptions.attackObjective / .judgeHint / .businessUseCase,
    threaded through buildRunConfig().
  • MCP: attack_objective / judge_hint / business_use_case on
    opfor_setup (baked into the written config) and objective_override /
    judge_hint_override / business_use_case_override on opfor_run (runtime
    override, same pattern as effort_override/turns_override). All three tools
    echo the fields in their response text when set.

Changes

  • core/src/config/schema.ts, core/src/execute/types.ts — new fields/schema on RunConfig
  • core/src/execute/evaluatorLoop.ts — stamps attackObjective/businessUseCase onto agent attacks, combines judgeHint with each attack's existing hint
  • core/src/generate/generateAttacks.ts — threads attackObjective/businessUseCase into the comprehensive-mode turn-1 seed prompt
  • core/src/execute/runAllBrowser.ts — passes the same fields into generateAttacks for the browser path's comprehensive mode
  • runners/cli/src/commands/run.ts--objective/--objective-file, --judge-hint/--judge-hint-file, --business-use-case/--business-use-case-file
  • runners/sdk/src/types.ts, runners/sdk/src/internal/buildRunConfig.ts — SDK support
  • runners/mcp/src/index.ts — MCP support
  • core/tests/runAll.smoke.test.ts — new tests asserting the actual rendered prompt content (attacker ATTACK_OBJECTIVE/BUSINESS_CONTEXT blocks, judge JUDGE HINT combine behavior) across both adaptive and comprehensive effort
  • docs/cli.md, docs/sdk.md, docs/mcp.md

Issue

N/A

How to test

  1. npm run build
  2. CLI: opfor run --config <file> --objective "<text>" --judge-hint "<text>" --business-use-case "<text>" — confirm the log prints all three lines and generated attacks/judge prompts reflect them.
  3. SDK: call run({ ..., attackObjective, judgeHint, businessUseCase }) and confirm they reach the generated attack/judge prompts.
  4. MCP: call opfor_setup with attack_objective/judge_hint/business_use_case set, confirm they're written into opfor.config.json; then call opfor_run with the matching *_override params and confirm they override the config values (response text shows all three).
  5. npm run typecheck && npm run lint && npm run format:check && npm test all pass.

Screenshots

N/A — no UI/report surface changes.

Summary by CodeRabbit

  • New Features
    • Added three optional free-text config options: attack objective, judge hint, and business use case.
    • CLI now supports --objective and --objective-file; MCP setup and run tools support corresponding objective/judge/business overrides.
    • These values are threaded into generated attacker prompts and (for judge hints) integrated into evaluator guidance; run reports now show objective/context when set.
  • Documentation
    • Updated CLI, MCP, and SDK docs to document the new config fields and overrides.
  • Tests
    • Expanded smoke-test coverage to verify prompt plumbing and hint/objective combinations.

RunConfig.attackObjective already exists in core and is wired up for
`opfor run --objective`/`--objective-file`, but the SDK and MCP server had
no way to set it — only opfor hunt and the CLI run command could steer
attacks with a free-text mission.

- SDK: add RunOptions.attackObjective, threaded through buildRunConfig()
  into the core RunConfig.
- MCP: add attack_objective to opfor_setup (baked into the written
  config) and objective_override to opfor_run (overrides it at run time,
  same pattern as effort_override/turns_override). Both tools' response
  text now echo the objective when set.
- docs: document the new SDK option and MCP parameters.
@coderabbitai

coderabbitai Bot commented Jul 13, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 42b89373-782d-4a94-989a-ee46d624b91a

📥 Commits

Reviewing files that changed from the base of the PR and between dda4f31 and b4005ab.

📒 Files selected for processing (1)
  • runners/mcp/src/index.ts
🚧 Files skipped from review as they are similar to previous changes (1)
  • runners/mcp/src/index.ts

Walkthrough

Changes

Evaluator steering configuration

Layer / File(s) Summary
Core contracts and prompt generation
core/src/config/schema.ts, core/src/execute/types.ts, core/src/generate/generateAttacks.ts
Adds optional attack objective, judge hint, and business context fields, forwarding objective and business context into attacker prompt generation.
Evaluator propagation and validation
core/src/execute/evaluatorLoop.ts, core/src/execute/runAllBrowser.ts, core/tests/runAll.smoke.test.ts
Propagates configuration into generated attacks, combines judge hints, forwards browser-run values, and tests attacker and judge prompt contents.
CLI and MCP configuration inputs
runners/cli/src/commands/run.ts, runners/mcp/src/index.ts
Adds objective inputs and steering overrides, maps them into run configuration, and reports configured values.
SDK mapping and documentation
runners/sdk/src/..., docs/cli.md, docs/mcp.md, docs/sdk.md
Adds SDK option mapping and documents the new CLI, MCP, and SDK configuration fields.

Estimated code review effort: 3 (Moderate) | ~25 minutes

Sequence Diagram(s)

sequenceDiagram
  participant Operator
  participant CLI_or_MCP
  participant RunConfig
  participant Evaluator
  participant PromptBuilder
  participant Judge
  Operator->>CLI_or_MCP: provide steering fields
  CLI_or_MCP->>RunConfig: store or override configuration
  RunConfig->>Evaluator: pass objective, context, and judge hint
  Evaluator->>PromptBuilder: generate attacker prompt
  Evaluator->>Judge: provide combined judge hint
Loading

Possibly related PRs

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly describes the main change: threading attack objective, judge hint, and business use case through SDK, CLI, and MCP.
Description check ✅ Passed The description covers all required template sections and provides a clear problem, solution, changes, testing, issue, and screenshots status.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@runners/mcp/src/index.ts`:
- Around line 231-237: Update the attack_objective and objective_override
schemas to trim input and reject empty or whitespace-only strings. In the setup
flow, preserve valid empty checks by testing both override values with !==
undefined rather than truthiness, so validated objectives are not silently
dropped.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: f39d110c-eded-47ab-8ac3-7c4fb5882bb8

📥 Commits

Reviewing files that changed from the base of the PR and between 5820087 and f93da9a.

📒 Files selected for processing (10)
  • core/src/config/schema.ts
  • core/src/execute/evaluatorLoop.ts
  • core/src/execute/types.ts
  • docs/cli.md
  • docs/mcp.md
  • docs/sdk.md
  • runners/cli/src/commands/run.ts
  • runners/mcp/src/index.ts
  • runners/sdk/src/internal/buildRunConfig.ts
  • runners/sdk/src/types.ts

Comment thread runners/mcp/src/index.ts
@jithin23-kv jithin23-kv changed the title feat: thread attack objective through sdk and mcp runners feat: thread attack objective, judge hint, and business use case through sdk, cli, and mcp Jul 14, 2026

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (2)
core/src/generate/generateAttacks.ts (1)

154-166: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Positional params are getting risky — consider an options object.

generatePatternAgentAttack and buildAgentSystemPrompt now take several consecutive optional string | undefined params (traceContext, attackObjective, businessUseCase). The order currently checks out at both call sites, but this shape makes future edits easy to silently misorder since the type checker can't catch swapped same-typed args.

♻️ Proposed direction
-async function buildAgentSystemPrompt(
-  evaluator: EvaluatorSpec,
-  targetDescription: string,
-  model: LanguageModel,
-  traceContext?: string,
-  upstreamSessions?: SessionContext[],
-  attackObjective?: string,
-  businessUseCase?: string
-): Promise<string> {
+async function buildAgentSystemPrompt(
+  evaluator: EvaluatorSpec,
+  targetDescription: string,
+  model: LanguageModel,
+  opts?: {
+    traceContext?: string;
+    upstreamSessions?: SessionContext[];
+    attackObjective?: string;
+    businessUseCase?: string;
+  }
+): Promise<string> {

Also applies to: 200-202

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@core/src/generate/generateAttacks.ts` around lines 154 - 166, Update
generatePatternAgentAttack and buildAgentSystemPrompt to accept a named options
object for the consecutive optional context, attackObjective, and
businessUseCase values instead of positional parameters. Update both call sites
to pass these properties by name, preserving the current values and behavior
while preventing same-typed arguments from being silently reordered.
core/src/config/schema.ts (1)

166-168: 🚀 Performance & Scalability | 🔵 Trivial | ⚡ Quick win

Consider bounding these free-text fields.

attackObjective, judgeHint, and businessUseCase are unconstrained strings that get injected verbatim into every attacker/judge prompt (generateAttacks.ts) and are also settable via MCP runtime overrides per the PR objectives. A missing .max(...) means an oversized value silently balloons every generated prompt's token count/cost across the whole run.

♻️ Proposed fix
-    attackObjective: z.string().optional(),
-    judgeHint: z.string().optional(),
-    businessUseCase: z.string().optional(),
+    attackObjective: z.string().max(4000).optional(),
+    judgeHint: z.string().max(2000).optional(),
+    businessUseCase: z.string().max(4000).optional(),
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@core/src/config/schema.ts` around lines 166 - 168, Bound the free-text fields
attackObjective, judgeHint, and businessUseCase in the relevant schema
definition by adding an appropriate maximum length to each optional string.
Preserve their optional behavior and ensure the same validation applies to
values supplied through MCP runtime overrides.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@core/src/config/schema.ts`:
- Around line 166-168: Bound the free-text fields attackObjective, judgeHint,
and businessUseCase in the relevant schema definition by adding an appropriate
maximum length to each optional string. Preserve their optional behavior and
ensure the same validation applies to values supplied through MCP runtime
overrides.

In `@core/src/generate/generateAttacks.ts`:
- Around line 154-166: Update generatePatternAgentAttack and
buildAgentSystemPrompt to accept a named options object for the consecutive
optional context, attackObjective, and businessUseCase values instead of
positional parameters. Update both call sites to pass these properties by name,
preserving the current values and behavior while preventing same-typed arguments
from being silently reordered.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 3ee7c985-5769-4064-91b2-36866292caf2

📥 Commits

Reviewing files that changed from the base of the PR and between f93da9a and dda4f31.

📒 Files selected for processing (13)
  • core/src/config/schema.ts
  • core/src/execute/evaluatorLoop.ts
  • core/src/execute/runAllBrowser.ts
  • core/src/execute/types.ts
  • core/src/generate/generateAttacks.ts
  • core/tests/runAll.smoke.test.ts
  • docs/cli.md
  • docs/mcp.md
  • docs/sdk.md
  • runners/cli/src/commands/run.ts
  • runners/mcp/src/index.ts
  • runners/sdk/src/internal/buildRunConfig.ts
  • runners/sdk/src/types.ts
🚧 Files skipped from review as they are similar to previous changes (4)
  • runners/mcp/src/index.ts
  • docs/cli.md
  • docs/mcp.md
  • runners/cli/src/commands/run.ts

@jithin23-kv jithin23-kv merged commit 7db26af into KeyValueSoftwareSystems:master Jul 14, 2026
8 checks passed
@jithin23-kv jithin23-kv deleted the feat/attack-objective-sdk-mcp branch July 14, 2026 13:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants