Skip to content

feat: thread attack objective through sdk and mcp runners#193

Open
jithin23-kv wants to merge 1 commit into
KeyValueSoftwareSystems:masterfrom
jithin23-kv:feat/attack-objective-sdk-mcp
Open

feat: thread attack objective through sdk and mcp runners#193
jithin23-kv wants to merge 1 commit into
KeyValueSoftwareSystems:masterfrom
jithin23-kv:feat/attack-objective-sdk-mcp

Conversation

@jithin23-kv

@jithin23-kv jithin23-kv commented Jul 13, 2026

Copy link
Copy Markdown
Collaborator

Problem

There was no way to steer every evaluator's attacks toward a specific free-text mission (e.g. "get the target to leak env vars via a delegated employee") — each evaluator just pursued its own generic goal. opfor hunt already had --objective for its autonomous mode, but the evaluator-based opfor run path had no equivalent, on any surface (CLI, SDK, or MCP).

Solution

Added attackObjective end-to-end across all three ways of driving opfor run:

  • Core: RunConfig.attackObjective (schema + type), applied onto every generated agent attack in runEvaluatorAttacks.
  • CLI: opfor run --objective <text> / --objective-file <path>.
  • SDK: RunOptions.attackObjective, threaded through buildRunConfig().
  • MCP: attack_objective on opfor_setup (baked into the written config) and objective_override on opfor_run (runtime override, same pattern as effort_override/turns_override). Both tools echo the objective in their response text when set.

Changes

  • core/src/config/schema.ts, core/src/execute/types.tsattackObjective field/schema on RunConfig
  • core/src/execute/evaluatorLoop.ts — applies it onto generated agent attacks
  • runners/cli/src/commands/run.ts--objective/--objective-file
  • runners/sdk/src/types.ts, runners/sdk/src/internal/buildRunConfig.ts — SDK support
  • runners/mcp/src/index.ts — MCP support
  • docs/cli.md, docs/sdk.md, docs/mcp.md

Issue

N/A

How to test

  1. npm run build
  2. CLI: opfor run --config <file> --objective "<text>" (or --objective-file <path>) — confirm the log prints Objective: ... and generated attacks reflect the mission.
  3. SDK: call run({ ..., attackObjective: "..." }) and confirm it reaches generated attack prompts.
  4. MCP: call opfor_setup with attack_objective set, confirm it's written into opfor.config.json; then call opfor_run with objective_override set and confirm it overrides the config value (response text shows Objective: ...).
  5. npm run typecheck && npm run lint && npm run format:check all pass.

Screenshots

N/A — no UI/report surface changes.

Summary by CodeRabbit

  • New Features

    • Added optional attack objectives to guide evaluator attack generation.
    • Added --objective and --objective-file options to CLI runs.
    • Added objective configuration and override support through MCP and SDK interfaces.
    • Run output now displays the configured objective when provided.
  • Documentation

    • Updated CLI, MCP, and SDK documentation with objective-related configuration and usage details.

RunConfig.attackObjective already exists in core and is wired up for
`opfor run --objective`/`--objective-file`, but the SDK and MCP server had
no way to set it — only opfor hunt and the CLI run command could steer
attacks with a free-text mission.

- SDK: add RunOptions.attackObjective, threaded through buildRunConfig()
  into the core RunConfig.
- MCP: add attack_objective to opfor_setup (baked into the written
  config) and objective_override to opfor_run (overrides it at run time,
  same pattern as effort_override/turns_override). Both tools' response
  text now echo the objective when set.
- docs: document the new SDK option and MCP parameters.
@coderabbitai

coderabbitai Bot commented Jul 13, 2026

Copy link
Copy Markdown

Review Change Stack

Walkthrough

Changes

Attack objective configuration

Layer / File(s) Summary
Core objective contract and propagation
core/src/config/schema.ts, core/src/execute/types.ts, core/src/execute/evaluatorLoop.ts
Adds optional attackObjective configuration and applies it to every generated evaluator attack.
CLI objective inputs and reporting
runners/cli/src/commands/run.ts, docs/cli.md
Adds --objective and --objective-file, handles file-read failures, stores the objective, and reports it during runs.
MCP setup and run overrides
runners/mcp/src/index.ts, docs/mcp.md
Adds setup-time attack_objective and run-time objective_override inputs, with corresponding configuration mapping and output.
SDK objective support and documentation
runners/sdk/src/types.ts, runners/sdk/src/internal/buildRunConfig.ts, docs/sdk.md
Adds SDK support for attackObjective and documents its configuration and usage.

Estimated code review effort: 3 (Moderate) | ~20 minutes

Sequence Diagram(s)

sequenceDiagram
  participant Operator
  participant CLI_or_MCP
  participant RunConfig
  participant runEvaluatorAttacks
  participant GeneratedAttacks
  Operator->>CLI_or_MCP: provide objective
  CLI_or_MCP->>RunConfig: store or override attackObjective
  RunConfig->>runEvaluatorAttacks: pass configured objective
  runEvaluatorAttacks->>GeneratedAttacks: assign objective to each attack
Loading

Possibly related PRs

Suggested reviewers: achuvyas-kv

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title is concise and relevant, though it emphasizes SDK and MCP while the change also spans core, CLI, and docs.
Description check ✅ Passed The description matches the required template and covers problem, solution, changes, issue, testing, and screenshots.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@runners/mcp/src/index.ts`:
- Around line 231-237: Update the attack_objective and objective_override
schemas to trim input and reject empty or whitespace-only strings. In the setup
flow, preserve valid empty checks by testing both override values with !==
undefined rather than truthiness, so validated objectives are not silently
dropped.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: f39d110c-eded-47ab-8ac3-7c4fb5882bb8

📥 Commits

Reviewing files that changed from the base of the PR and between 5820087 and f93da9a.

📒 Files selected for processing (10)
  • core/src/config/schema.ts
  • core/src/execute/evaluatorLoop.ts
  • core/src/execute/types.ts
  • docs/cli.md
  • docs/mcp.md
  • docs/sdk.md
  • runners/cli/src/commands/run.ts
  • runners/mcp/src/index.ts
  • runners/sdk/src/internal/buildRunConfig.ts
  • runners/sdk/src/types.ts

Comment thread runners/mcp/src/index.ts
Comment on lines +231 to +237
attack_objective: z
.string()
.optional()
.describe(
"Free-text primary mission steering every evaluator's attacks " +
"(e.g. 'get the target to leak env vars via a delegated employee')."
),

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Locate the relevant file and inspect the surrounding sections.
git ls-files runners/mcp/src/index.ts
echo "---- outline ----"
ast-grep outline runners/mcp/src/index.ts --view expanded || true
echo "---- targeted ranges ----"
sed -n '200,410p' runners/mcp/src/index.ts | cat -n

Repository: KeyValueSoftwareSystems/agent-opfor

Length of output: 9864


🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Inspect the config-building logic and objective handling in the rest of the file.
sed -n '430,560p' runners/mcp/src/index.ts | cat -n

Repository: KeyValueSoftwareSystems/agent-opfor

Length of output: 5680


Reject blank objectives instead of dropping them.
attack_objective and objective_override accept blank strings today; the setup path drops "" via truthiness, while whitespace-only values pass through unchanged. Trim and require a non-empty value, then switch the override checks to !== undefined.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@runners/mcp/src/index.ts` around lines 231 - 237, Update the attack_objective
and objective_override schemas to trim input and reject empty or whitespace-only
strings. In the setup flow, preserve valid empty checks by testing both override
values with !== undefined rather than truthiness, so validated objectives are
not silently dropped.

Source: Coding guidelines

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant