pentesting 0.24.4 → 0.40.1

package/dist/main.js

@@ -97,6 +97,8 @@ var DISPLAY_LIMITS = {
   HASH_PREVIEW_LENGTH: 20,
   /** Max characters for loot detail preview */
   LOOT_DETAIL_PREVIEW: 30,
+  /** Max characters for episodic memory event detail preview */
+  MEMORY_EVENT_PREVIEW: 50,
   /** Max characters for link text preview in browser */
   LINK_TEXT_PREVIEW: 100,
   /** Prefix length for API key redaction in logs */
@@ -154,6 +156,20 @@ var AGENT_LIMITS = {
    */
   MAX_SESSION_FILES: 10
 };
+var MEMORY_LIMITS = {
+  /** Maximum entries in working memory (hot context) */
+  WORKING_MEMORY_MAX_ENTRIES: 20,
+  /** Maximum events in episodic memory (session timeline) */
+  EPISODIC_MEMORY_MAX_EVENTS: 100,
+  /** Consecutive failures before SWITCH VECTOR warning */
+  CONSECUTIVE_FAIL_THRESHOLD: 3,
+  /** Maximum learned techniques in DynamicTechniqueLibrary */
+  DYNAMIC_TECHNIQUES_MAX: 50,
+  /** Number of leading words to match for duplicate command detection */
+  COMMAND_MATCH_WORDS: 3,
+  /** Maximum unverified techniques to show in prompt */
+  PROMPT_UNVERIFIED_TECHNIQUES: 10
+};
 
 // src/shared/constants/patterns.ts
 var INPUT_PROMPT_PATTERNS = [
@@ -253,7 +269,13 @@ var SYSTEM_LIMITS = {
   /** Port range for web services (development servers) */
   WEB_PORT_RANGE: { MIN: 8e3, MAX: 9e3 },
   /** Port range for API services */
-  API_PORT_RANGE: { MIN: 3e3, MAX: 3500 }
+  API_PORT_RANGE: { MIN: 3e3, MAX: 3500 },
+  /** Number of recent events to fetch for resource summary */
+  RECENT_EVENTS_IN_SUMMARY: 10,
+  /** Number of events to display in resource summary */
+  RECENT_EVENTS_DISPLAY: 5,
+  /** Number of recent output lines to show per process */
+  RECENT_OUTPUT_LINES: 3
 };
 var DETECTION_PATTERNS = {
   LISTENER: /-(?:lvnp|nlvp|lp|p)\s+(\d+)/,
@@ -286,7 +308,7 @@ var ORPHAN_PROCESS_NAMES = [
 var ID_LENGTH = AGENT_LIMITS.ID_LENGTH;
 var ID_RADIX = AGENT_LIMITS.ID_RADIX;
 var APP_NAME = "Pentest AI";
-var APP_VERSION = "0.24.4";
+var APP_VERSION = "0.40.1";
 var APP_DESCRIPTION = "Autonomous Penetration Testing AI Agent";
 var LLM_ROLES = {
   SYSTEM: "system",
@@ -487,16 +509,6 @@ var TODO_STATUSES = {
   DONE: "done",
   SKIPPED: "skipped"
 };
-var CORE_BINARIES = {
-  NMAP: "nmap",
-  MASSCAN: "masscan",
-  NUCLEI: "nuclei",
-  NIKTO: "nikto",
-  FFUF: "ffuf",
-  GOBUSTER: "gobuster",
-  SQLMAP: "sqlmap",
-  METASPLOIT: "msfconsole"
-};
 var APPROVAL_STATUSES = {
   AUTO: "auto",
   USER_CONFIRMED: "user_confirmed",
@@ -558,8 +570,6 @@ var UI_COMMANDS = {
   QUIT: "quit",
   EXIT_SHORT: "q"
 };
-var PASSIVE_BINARIES = ["whois", "dig", "curl -i"];
-var EXPLOIT_BINARIES = ["impacket"];
 var COMMAND_EVENT_TYPES = {
   TOOL_MISSING: "tool_missing",
   TOOL_INSTALL: "tool_install",
@@ -1759,11 +1769,11 @@ function isProcessRunning(processId) {
   if (proc.hasExited) return false;
   if (!isPidAlive(proc.pid)) {
     proc.hasExited = true;
-    logEvent(processId, "died", "Process no longer alive (PID check failed)");
+    logEvent(processId, PROCESS_EVENTS.DIED, "Process no longer alive (PID check failed)");
     return false;
   }
   proc.childPids = discoverAllDescendants(proc.pid);
-  if (proc.role === "listener") {
+  if (proc.role === PROCESS_ROLES.LISTENER) {
     try {
       if (existsSync3(proc.stdoutFile)) {
         const stdout = readFileSync2(proc.stdoutFile, "utf-8");
@@ -1954,7 +1964,7 @@ function getResourceSummary() {
   const running = procs.filter((p) => p.isRunning);
   const exited = procs.filter((p) => !p.isRunning);
   const ports = getUsedPorts();
-  const recentEvents = processEventLog.slice(-10);
+  const recentEvents = processEventLog.slice(-SYSTEM_LIMITS.RECENT_EVENTS_IN_SUMMARY);
   if (running.length === 0 && exited.length === 0 && recentEvents.length === 0) return "";
   const lines = [];
   if (running.length > 0) {
@@ -1970,7 +1980,7 @@ function getResourceSummary() {
         if (p.stdoutFile && existsSync3(p.stdoutFile)) {
           const content = readFileSync2(p.stdoutFile, "utf-8");
           const outputLines = content.trim().split("\n");
-          lastOutput = outputLines.slice(-3).join(" | ").replace(/\n/g, " ");
+          lastOutput = outputLines.slice(-SYSTEM_LIMITS.RECENT_OUTPUT_LINES).join(" | ").replace(/\n/g, " ");
         }
       } catch {
       }
@@ -2016,7 +2026,7 @@ Ports In Use: ${ports.join(", ")}`);
   }
   if (recentEvents.length > 0) {
     lines.push(`Recent Process Events:`);
-    for (const e of recentEvents.slice(-5)) {
+    for (const e of recentEvents.slice(-SYSTEM_LIMITS.RECENT_EVENTS_DISPLAY)) {
       const ago = Math.round((Date.now() - e.timestamp) / 1e3);
       lines.push(`  ${ago}s ago: [${e.event}] ${e.detail}`);
     }
@@ -2147,9 +2157,657 @@ var StateSerializer = class {
   }
 };
 
+// src/shared/utils/attack-graph.ts
+var GRAPH_STATUS = {
+  NEEDS_SEARCH: "needs_search",
+  POTENTIAL: "potential"
+};
+var GRAPH_LIMITS = {
+  /** Maximum recommended attack chains to return */
+  MAX_CHAINS: 10,
+  /** Maximum chains to show in prompt */
+  PROMPT_CHAINS: 5,
+  /** Maximum unexploited vulns to show in prompt */
+  PROMPT_VULNS: 5
+};
+var AttackGraph = class {
+  nodes = /* @__PURE__ */ new Map();
+  edges = [];
+  /**
+   * Add a node to the attack graph.
+   */
+  addNode(type, label, data = {}) {
+    const id = `${type}:${label}`.toLowerCase().replace(/\s+/g, "_");
+    if (!this.nodes.has(id)) {
+      this.nodes.set(id, {
+        id,
+        type,
+        label,
+        data,
+        exploited: false,
+        discoveredAt: Date.now()
+      });
+    }
+    return id;
+  }
+  /**
+   * Add an edge (relationship) between two nodes.
+   */
+  addEdge(fromId, toId, relation, confidence = 0.5) {
+    const exists = this.edges.some((e) => e.from === fromId && e.to === toId && e.relation === relation);
+    if (!exists) {
+      this.edges.push({ from: fromId, to: toId, relation, confidence });
+    }
+  }
+  /**
+   * Mark a node as exploited.
+   */
+  markExploited(nodeId) {
+    const node = this.nodes.get(nodeId);
+    if (node) node.exploited = true;
+  }
+  /**
+   * Get node by ID.
+   */
+  getNode(nodeId) {
+    return this.nodes.get(nodeId);
+  }
+  /**
+   * Record a service discovery and auto-create edges.
+   */
+  addService(host, port, service, version) {
+    const serviceId = this.addNode("service", `${host}:${port}`, {
+      host,
+      port,
+      service,
+      version
+    });
+    if (version) {
+      const vulnId = this.addNode("vulnerability", `CVE search: ${service} ${version}`, {
+        service,
+        version,
+        status: GRAPH_STATUS.NEEDS_SEARCH
+      });
+      this.addEdge(serviceId, vulnId, "may_have", 0.3);
+    }
+    return serviceId;
+  }
+  /**
+   * Record a credential discovery and create spray edges.
+   */
+  addCredential(username, password, source) {
+    const credId = this.addNode("credential", `${username}:***`, {
+      username,
+      password,
+      source
+    });
+    for (const [id, node] of this.nodes) {
+      if (node.type === "service") {
+        const svc = String(node.data.service || "");
+        if (["ssh", "ftp", "rdp", "smb", "http", "mysql", "postgresql", "mssql", "winrm"].some((s) => svc.includes(s))) {
+          this.addEdge(credId, id, "can_try_on", 0.6);
+        }
+      }
+    }
+    return credId;
+  }
+  /**
+   * Record a vulnerability finding.
+   */
+  addVulnerability(title, target, severity, hasExploit = false) {
+    const vulnId = this.addNode("vulnerability", title, {
+      target,
+      severity,
+      hasExploit
+    });
+    for (const [id, node] of this.nodes) {
+      if (node.type === "service" && node.label.includes(target)) {
+        this.addEdge(id, vulnId, "has_vulnerability", 0.8);
+      }
+    }
+    if (hasExploit) {
+      const accessId = this.addNode("access", `shell via ${title}`, {
+        via: title,
+        status: GRAPH_STATUS.POTENTIAL
+      });
+      this.addEdge(vulnId, accessId, "leads_to", 0.7);
+    }
+    return vulnId;
+  }
+  /**
+   * Record gained access.
+   */
+  addAccess(host, level, via) {
+    const accessId = this.addNode("access", `${level}@${host}`, {
+      host,
+      level,
+      via
+    });
+    this.markExploited(accessId);
+    if (["root", "admin", "SYSTEM", "Administrator"].includes(level)) {
+      const lootId = this.addNode("loot", `flags on ${host}`, {
+        host,
+        status: GRAPH_STATUS.NEEDS_SEARCH
+      });
+      this.addEdge(accessId, lootId, "can_access", 0.9);
+    }
+    return accessId;
+  }
+  /**
+   * Recommend attack chains based on current graph state.
+   * Returns chains sorted by probability (highest first).
+   */
+  recommendChains() {
+    const chains = [];
+    for (const edge of this.edges) {
+      if (edge.relation === "can_try_on") {
+        const cred = this.nodes.get(edge.from);
+        const service = this.nodes.get(edge.to);
+        if (cred && service && !service.exploited) {
+          chains.push({
+            steps: [cred, service],
+            description: `Credential spray: ${cred.label} \u2192 ${service.label}`,
+            probability: edge.confidence,
+            impact: "high"
+          });
+        }
+      }
+    }
+    for (const edge of this.edges) {
+      if (edge.relation === "leads_to") {
+        const vuln = this.nodes.get(edge.from);
+        const access = this.nodes.get(edge.to);
+        if (vuln && access && !vuln.exploited) {
+          chains.push({
+            steps: [vuln, access],
+            description: `Exploit: ${vuln.label} \u2192 ${access.label}`,
+            probability: edge.confidence,
+            impact: "critical"
+          });
+        }
+      }
+    }
+    for (const edge of this.edges) {
+      if (edge.relation === "can_access") {
+        const access = this.nodes.get(edge.from);
+        const loot = this.nodes.get(edge.to);
+        if (access && loot && access.exploited && !loot.exploited) {
+          chains.push({
+            steps: [access, loot],
+            description: `Collect: ${access.label} \u2192 ${loot.label}`,
+            probability: edge.confidence,
+            impact: "high"
+          });
+        }
+      }
+    }
+    const impactWeight = { critical: 4, high: 3, medium: 2, low: 1 };
+    chains.sort(
+      (a, b) => b.probability * (impactWeight[b.impact] || 1) - a.probability * (impactWeight[a.impact] || 1)
+    );
+    return chains.slice(0, GRAPH_LIMITS.MAX_CHAINS);
+  }
+  /**
+   * Format attack graph status for prompt injection.
+   */
+  toPrompt() {
+    if (this.nodes.size === 0) return "";
+    const lines = ["<attack-graph>"];
+    const nodesByType = {};
+    for (const node of this.nodes.values()) {
+      nodesByType[node.type] = (nodesByType[node.type] || 0) + 1;
+    }
+    lines.push(`Nodes: ${Object.entries(nodesByType).map(([t, c]) => `${c} ${t}s`).join(", ")}`);
+    lines.push(`Edges: ${this.edges.length} relationships`);
+    const chains = this.recommendChains();
+    if (chains.length > 0) {
+      lines.push("");
+      lines.push("RECOMMENDED NEXT ACTIONS:");
+      for (let i = 0; i < Math.min(GRAPH_LIMITS.PROMPT_CHAINS, chains.length); i++) {
+        const c = chains[i];
+        const prob = (c.probability * 100).toFixed(0);
+        lines.push(`  ${i + 1}. [${c.impact.toUpperCase()} | ${prob}%] ${c.description}`);
+      }
+    }
+    const unexploitedVulns = Array.from(this.nodes.values()).filter((n) => n.type === "vulnerability" && !n.exploited);
+    if (unexploitedVulns.length > 0) {
+      lines.push("");
+      lines.push(`UNEXPLOITED VULNERABILITIES (${unexploitedVulns.length}):`);
+      for (const v of unexploitedVulns.slice(0, GRAPH_LIMITS.PROMPT_VULNS)) {
+        lines.push(`  - ${v.label} (${v.data.severity || "unknown"})`);
+      }
+    }
+    lines.push("</attack-graph>");
+    return lines.join("\n");
+  }
+  /**
+   * Get graph stats for metrics display.
+   */
+  getStats() {
+    const exploited = Array.from(this.nodes.values()).filter((n) => n.exploited).length;
+    return {
+      nodes: this.nodes.size,
+      edges: this.edges.length,
+      exploited,
+      chains: this.recommendChains().length
+    };
+  }
+};
+
+// src/shared/utils/agent-memory.ts
+import { existsSync as existsSync4, readFileSync as readFileSync3, writeFileSync as writeFileSync4, mkdirSync as mkdirSync2 } from "fs";
+import { join as join3 } from "path";
+var WorkingMemory = class {
+  entries = [];
+  maxEntries = MEMORY_LIMITS.WORKING_MEMORY_MAX_ENTRIES;
+  add(category, content, importance = 0.5, context = {}) {
+    this.entries.push({
+      id: `wm_${Date.now()}_${Math.random().toString(36).slice(2, 6)}`,
+      timestamp: Date.now(),
+      category,
+      content,
+      context,
+      importance
+    });
+    if (this.entries.length > this.maxEntries) {
+      this.entries.sort((a, b) => {
+        const aScore = a.importance * 0.7 + (1 - (Date.now() - a.timestamp) / 6e5) * 0.3;
+        const bScore = b.importance * 0.7 + (1 - (Date.now() - b.timestamp) / 6e5) * 0.3;
+        return bScore - aScore;
+      });
+      this.entries = this.entries.slice(0, this.maxEntries);
+    }
+  }
+  /**
+   * Record a failed attempt to avoid repeating it.
+   */
+  recordFailure(tool, command, error) {
+    this.add("failure", `FAILED: ${tool} \u2192 ${command.slice(0, DISPLAY_LIMITS.COMMAND_PREVIEW)} \u2192 ${error.slice(0, DISPLAY_LIMITS.ERROR_PREVIEW)}`, 0.8, { tool, command });
+  }
+  /**
+   * Record a successful action for reference.
+   */
+  recordSuccess(tool, command, result2) {
+    this.add("success", `SUCCESS: ${tool} \u2192 ${command.slice(0, DISPLAY_LIMITS.COMMAND_PREVIEW)}`, 0.6, { tool, result: result2.slice(0, DISPLAY_LIMITS.OUTPUT_SUMMARY) });
+  }
+  /**
+   * Check if a similar command has already failed.
+   */
+  hasFailedBefore(command) {
+    const lower = command.toLowerCase().split(/\s+/).slice(0, MEMORY_LIMITS.COMMAND_MATCH_WORDS).join(" ");
+    return this.entries.find(
+      (e) => e.category === "failure" && e.content.toLowerCase().includes(lower)
+    );
+  }
+  /**
+   * Get count of consecutive failures (for vector switch detection).
+   */
+  getConsecutiveFailures() {
+    let count = 0;
+    for (let i = this.entries.length - 1; i >= 0; i--) {
+      if (this.entries[i].category === "failure") count++;
+      else break;
+    }
+    return count;
+  }
+  /**
+   * Format for prompt injection.
+   */
+  toPrompt() {
+    if (this.entries.length === 0) return "";
+    const failures = this.entries.filter((e) => e.category === "failure");
+    const successes = this.entries.filter((e) => e.category === "success");
+    const insights = this.entries.filter((e) => e.category === "insight" || e.category === "discovery");
+    const lines = ["<working-memory>"];
+    if (failures.length > 0) {
+      lines.push(`\u26A0\uFE0F FAILED ATTEMPTS (${failures.length} \u2014 DO NOT REPEAT):`);
+      for (const f of failures.slice(-5)) {
+        lines.push(`  \u2717 ${f.content}`);
+      }
+    }
+    const consecutiveFails = this.getConsecutiveFailures();
+    if (consecutiveFails >= MEMORY_LIMITS.CONSECUTIVE_FAIL_THRESHOLD) {
+      lines.push(`\u{1F534} ${consecutiveFails} CONSECUTIVE FAILURES \u2014 SWITCH ATTACK VECTOR NOW`);
+    }
+    if (successes.length > 0) {
+      lines.push(`\u2705 RECENT SUCCESSES (${successes.length}):`);
+      for (const s of successes.slice(-3)) {
+        lines.push(`  \u2713 ${s.content}`);
+      }
+    }
+    if (insights.length > 0) {
+      lines.push(`\u{1F4A1} INSIGHTS:`);
+      for (const i of insights.slice(-3)) {
+        lines.push(`  \u2192 ${i.content}`);
+      }
+    }
+    lines.push("</working-memory>");
+    return lines.join("\n");
+  }
+  getEntries() {
+    return [...this.entries];
+  }
+};
+var EpisodicMemory = class {
+  events = [];
+  maxEvents = MEMORY_LIMITS.EPISODIC_MEMORY_MAX_EVENTS;
+  record(type, summary, details = {}) {
+    this.events.push({
+      timestamp: Date.now(),
+      type,
+      summary,
+      details
+    });
+    if (this.events.length > this.maxEvents) {
+      this.events = this.events.slice(-this.maxEvents);
+    }
+  }
+  /**
+   * Get timeline of key events (for strategic overview).
+   */
+  getTimeline() {
+    return [...this.events];
+  }
+  /**
+   * Get events of a specific type.
+   */
+  getByType(type) {
+    return this.events.filter((e) => e.type === type);
+  }
+  /**
+   * Count how many times a vector has been switched (indicator of difficulty).
+   */
+  getVectorSwitchCount() {
+    return this.events.filter((e) => e.type === "vector_switch").length;
+  }
+  /**
+   * Format for prompt (condensed timeline).
+   */
+  toPrompt() {
+    if (this.events.length === 0) return "";
+    const lines = ["<session-timeline>"];
+    const recent = this.events.slice(-10);
+    for (const e of recent) {
+      const mins = Math.floor((Date.now() - e.timestamp) / 6e4);
+      const icon = {
+        tool_success: "\u2705",
+        tool_failure: "\u274C",
+        phase_change: "\u{1F504}",
+        flag_found: "\u{1F3C1}",
+        access_gained: "\u{1F513}",
+        vector_switch: "\u21AA\uFE0F"
+      }[e.type] || "\u2022";
+      lines.push(`  ${icon} [${mins}min ago] ${e.summary}`);
+    }
+    lines.push("</session-timeline>");
+    return lines.join("\n");
+  }
+};
+var MEMORY_DIR = "/tmp/pentesting-memory";
+var MEMORY_FILE = join3(MEMORY_DIR, "persistent-knowledge.json");
+var PersistentMemory = class {
+  knowledge;
+  constructor() {
+    this.knowledge = this.load();
+  }
+  /**
+   * Record a successful technique.
+   */
+  recordSuccess(service, version, technique) {
+    const existing = this.knowledge.successfulTechniques.find(
+      (t) => t.service === service && t.technique === technique
+    );
+    if (existing) {
+      existing.successCount++;
+      existing.lastUsed = Date.now();
+    } else {
+      this.knowledge.successfulTechniques.push({
+        service,
+        version,
+        technique,
+        successCount: 1,
+        lastUsed: Date.now()
+      });
+    }
+    this.save();
+  }
+  /**
+   * Record a failure pattern to avoid.
+   */
+  recordFailurePattern(pattern, reason) {
+    const existing = this.knowledge.failurePatterns.find((f) => f.pattern === pattern);
+    if (existing) {
+      existing.avoidCount++;
+    } else {
+      this.knowledge.failurePatterns.push({ pattern, reason, avoidCount: 1 });
+    }
+    this.save();
+  }
+  /**
+   * Learn a fact about a technology.
+   */
+  learnFact(technology, fact) {
+    if (!this.knowledge.techFacts.some((f) => f.technology === technology && f.fact === fact)) {
+      this.knowledge.techFacts.push({ technology, fact, learnedAt: Date.now() });
+      this.save();
+    }
+  }
+  /**
+   * Get known successful techniques for a service.
+   */
+  getSuccessfulTechniques(service) {
+    return this.knowledge.successfulTechniques.filter((t) => t.service.toLowerCase().includes(service.toLowerCase())).sort((a, b) => b.successCount - a.successCount);
+  }
+  /**
+   * Format for prompt injection (most relevant persistent knowledge).
+   */
+  toPrompt(services) {
+    const relevant = [];
+    for (const svc of services) {
+      const techniques = this.getSuccessfulTechniques(svc);
+      if (techniques.length > 0) {
+        relevant.push(`${svc}: ${techniques.map((t) => `${t.technique} (${t.successCount}x)`).join(", ")}`);
+      }
+    }
+    if (relevant.length === 0) return "";
+    return [
+      "<persistent-memory>",
+      "PREVIOUSLY SUCCESSFUL TECHNIQUES:",
+      ...relevant.map((r) => `  \u{1F4DA} ${r}`),
+      "</persistent-memory>"
+    ].join("\n");
+  }
+  load() {
+    try {
+      if (existsSync4(MEMORY_FILE)) {
+        return JSON.parse(readFileSync3(MEMORY_FILE, "utf-8"));
+      }
+    } catch {
+    }
+    return { successfulTechniques: [], failurePatterns: [], techFacts: [] };
+  }
+  save() {
+    try {
+      mkdirSync2(MEMORY_DIR, { recursive: true });
+      writeFileSync4(MEMORY_FILE, JSON.stringify(this.knowledge, null, 2));
+    } catch {
+    }
+  }
+};
+
+// src/shared/utils/dynamic-techniques.ts
+var DynamicTechniqueLibrary = class {
+  techniques = [];
+  maxTechniques = MEMORY_LIMITS.DYNAMIC_TECHNIQUES_MAX;
+  /**
+   * Learn a new technique from a search result or successful exploit.
+   */
+  learn(technique) {
+    const exists = this.techniques.some(
+      (t) => t.technique.toLowerCase() === technique.technique.toLowerCase()
+    );
+    if (exists) return;
+    this.techniques.push({
+      ...technique,
+      learnedAt: Date.now()
+    });
+    if (this.techniques.length > this.maxTechniques) {
+      this.techniques.sort((a, b) => {
+        if (a.verified !== b.verified) return a.verified ? -1 : 1;
+        return b.learnedAt - a.learnedAt;
+      });
+      this.techniques = this.techniques.slice(0, this.maxTechniques);
+    }
+  }
+  /**
+   * Extract and learn techniques from a web search result.
+   */
+  learnFromSearchResult(query, resultText) {
+    if (!resultText || resultText.length < 50) return;
+    const patterns = [
+      // "Step 1: ...", "1. Run ..."
+      /(?:step\s*\d+|^\d+\.\s)[:.]?\s*(.{20,150})/gim,
+      // "Exploit: ...", "Payload: ...", "Command: ..."
+      /(?:exploit|payload|command|technique|bypass|trick):\s*(.{10,150})/gi,
+      // Code blocks with commands
+      /(?:```|`)((?:curl|wget|python|nmap|sqlmap|nikto|gobuster|ffuf)\s+.{10,100})(?:```|`)/g
+    ];
+    const extracted = [];
+    for (const pattern of patterns) {
+      pattern.lastIndex = 0;
+      let match;
+      while ((match = pattern.exec(resultText)) !== null && extracted.length < 5) {
+        const technique = (match[1] || match[0]).trim();
+        if (technique.length > 10 && technique.length < 200) {
+          extracted.push(technique);
+        }
+      }
+    }
+    const applicableTo = this.extractTechnologies(query);
+    for (const tech of extracted) {
+      this.learn({
+        source: `Web search: "${query}"`,
+        technique: tech,
+        applicableTo,
+        verified: false,
+        fromQuery: query
+      });
+    }
+  }
+  /**
+   * Mark a technique as verified (it worked in practice).
+   */
+  verify(techniqueSubstring) {
+    for (const t of this.techniques) {
+      if (t.technique.toLowerCase().includes(techniqueSubstring.toLowerCase())) {
+        t.verified = true;
+      }
+    }
+  }
+  /**
+   * Get techniques relevant to a specific service/technology.
+   */
+  getRelevant(service) {
+    const lower = service.toLowerCase();
+    return this.techniques.filter(
+      (t) => t.applicableTo.some((a) => a.toLowerCase().includes(lower) || lower.includes(a.toLowerCase()))
+    );
+  }
+  /**
+   * Get all learned techniques.
+   */
+  getAll() {
+    return [...this.techniques];
+  }
+  /**
+   * Format for prompt injection.
+   */
+  toPrompt() {
+    if (this.techniques.length === 0) return "";
+    const verified = this.techniques.filter((t) => t.verified);
+    const unverified = this.techniques.filter((t) => !t.verified);
+    const lines = ["<learned-techniques>"];
+    if (verified.length > 0) {
+      lines.push("VERIFIED (worked in this session):");
+      for (const t of verified) {
+        lines.push(`  \u2705 [${t.applicableTo.join(",")}] ${t.technique}`);
+      }
+    }
+    if (unverified.length > 0) {
+      lines.push(`DISCOVERED (${unverified.length} unverified):`);
+      for (const t of unverified.slice(0, MEMORY_LIMITS.PROMPT_UNVERIFIED_TECHNIQUES)) {
+        lines.push(`  \u{1F4A1} [${t.applicableTo.join(",")}] ${t.technique} (from: ${t.source})`);
+      }
+    }
+    lines.push("</learned-techniques>");
+    return lines.join("\n");
+  }
+  /**
+   * Extract technology/service names from a search query.
+   */
+  extractTechnologies(query) {
+    const techs = [];
+    const knownTechs = [
+      "apache",
+      "nginx",
+      "iis",
+      "tomcat",
+      "nodejs",
+      "express",
+      "flask",
+      "django",
+      "rails",
+      "php",
+      "wordpress",
+      "joomla",
+      "drupal",
+      "mysql",
+      "postgresql",
+      "mssql",
+      "mongodb",
+      "redis",
+      "memcached",
+      "ssh",
+      "ftp",
+      "smb",
+      "rdp",
+      "ldap",
+      "kerberos",
+      "dns",
+      "docker",
+      "kubernetes",
+      "jenkins",
+      "gitlab",
+      "grafana",
+      "spring",
+      "struts",
+      "log4j",
+      "jackson",
+      "fastjson"
+    ];
+    const lower = query.toLowerCase();
+    for (const tech of knownTechs) {
+      if (lower.includes(tech)) techs.push(tech);
+    }
+    const versionMatch = query.match(/(\d+\.\d+(?:\.\d+)?)/);
+    if (versionMatch && techs.length > 0) {
+      techs[0] = `${techs[0]}/${versionMatch[1]}`;
+    }
+    return techs.length > 0 ? techs : ["general"];
+  }
+};
+
 // src/engine/state.ts
 var SharedState = class {
   data;
+  // ─── Improvement #6: Attack Graph ──────────────────────────────
+  attackGraph = new AttackGraph();
+  // ─── Improvement #12: Multi-Tier Memory ───────────────────────
+  workingMemory = new WorkingMemory();
+  episodicMemory = new EpisodicMemory();
+  persistentMemory = new PersistentMemory();
+  // ─── Improvement #7: Dynamic Technique Library ────────────────
+  dynamicTechniques = new DynamicTechniqueLibrary();
   constructor() {
     this.data = {
       engagement: null,
@@ -2165,7 +2823,8 @@ var SharedState = class {
       // CTF mode ON by default
       flags: [],
       startedAt: Date.now(),
-      deadlineAt: 0
+      deadlineAt: 0,
+      challengeAnalysis: null
     };
   }
   // --- Mission & Persistent Context ---
@@ -2318,11 +2977,19 @@ var SharedState = class {
   addFlag(flag) {
     if (this.data.flags.includes(flag)) return false;
     this.data.flags.push(flag);
+    this.episodicMemory.record("flag_found", `Flag captured: ${flag.slice(0, DISPLAY_LIMITS.LOOT_DETAIL_PREVIEW)}...`);
     return true;
   }
   getFlags() {
     return this.data.flags;
   }
+  // --- Challenge Analysis (#2: Auto-Prompter) ---
+  setChallengeAnalysis(analysis) {
+    this.data.challengeAnalysis = analysis;
+  }
+  getChallengeAnalysis() {
+    return this.data.challengeAnalysis;
+  }
   // --- Time Management ---
   /** Set a deadline for time-aware strategy (e.g., CTF competition end time) */
   setDeadline(deadlineMs) {
@@ -2443,77 +3110,15 @@ var ScopeGuard = class {
     this.state = state;
   }
   /**
-   * Check if a tool call is within allowed scope
+   * Always allow — Docker container is the security boundary.
+   * The agent should try everything; observability > restriction.
    */
-  check(toolCall) {
-    const passiveTools = [
-      TOOL_NAMES.READ_FILE,
-      TOOL_NAMES.SEARCH_CVE,
-      TOOL_NAMES.PARSE_NMAP,
-      TOOL_NAMES.WEB_SEARCH,
-      TOOL_NAMES.ADD_FINDING,
-      TOOL_NAMES.UPDATE_TODO,
-      TOOL_NAMES.GET_STATE,
-      TOOL_NAMES.HELP,
-      // Browser tools are reconnaissance — allow freely
-      TOOL_NAMES.BROWSE_URL,
-      TOOL_NAMES.FILL_FORM,
-      // State mutation tools
-      TOOL_NAMES.ADD_TARGET,
-      TOOL_NAMES.ADD_LOOT,
-      TOOL_NAMES.UPDATE_MISSION,
-      TOOL_NAMES.WRITE_FILE
-    ];
-    if (passiveTools.includes(toolCall.name)) {
-      return { isAllowed: true };
-    }
-    let scope = this.state.getScope();
-    if (!scope) {
-      const targets2 = this.state.getTargets();
-      if (targets2.size > 0) {
-        const cidrs = [];
-        const domains = [];
-        for (const [ip, target] of targets2) {
-          cidrs.push(ip);
-          if (target.hostname) domains.push(target.hostname);
-        }
-        scope = {
-          allowedCidrs: cidrs,
-          allowedDomains: domains,
-          exclusions: [],
-          isDOSAllowed: false,
-          isSocialAllowed: false
-        };
-        this.state.setScope(scope);
-      } else {
-        return { isAllowed: true, reason: "No scope defined. Proceeding with caution." };
-      }
-    }
-    let command = "";
-    if (toolCall.name === TOOL_NAMES.RUN_CMD) {
-      command = String(toolCall.input.command || "");
-    }
-    if (!command) {
-      return { isAllowed: true };
-    }
-    const targets = this.extractTargets(command);
-    const violations = [];
-    for (const target of targets) {
-      if (!this.isTargetInScope(target)) {
-        violations.push(target);
-      }
-    }
-    if (violations.length > 0) {
-      return {
-        isAllowed: false,
-        reason: `Target(s) outside approved scope: ${violations.join(", ")}`,
-        violations
-      };
-    }
+  check(_toolCall) {
     return { isAllowed: true };
   }
   /**
-   * Public helper to check if a specific target is in scope
+   * Advisory check: is a specific target in scope?
+   * Still functional for attack graph analysis and recommendations.
    */
   isTargetInScope(target) {
     const scope = this.state.getScope();
@@ -2532,7 +3137,6 @@ var ScopeGuard = class {
   /**
    * Accurate CIDR matching using bitwise arithmetic.
    * Supports any prefix length /0 through /32.
-   * No external dependencies — pure math.
    */
   matchesCidr(target, cidr) {
     if (target === cidr) return true;
@@ -2554,7 +3158,6 @@ var ScopeGuard = class {
   }
   /**
    * Convert IPv4 dotted-decimal string to unsigned 32-bit integer.
-   * Returns null if the string is not a valid IPv4 address.
    */
   ipToUint32(ip) {
     const parts = ip.split(".");
@@ -2568,152 +3171,732 @@ var ScopeGuard = class {
     return result2;
   }
   /**
-   * Extract IPs and Domains from string
+   * Extract IPs and Domains from string.
+   * Refined to avoid false positives on filenames and Python modules.
    */
   extractTargets(text) {
     const targets = /* @__PURE__ */ new Set();
     const ipv4Regex = /\b(?:\d{1,3}\.){3}\d{1,3}\b/g;
     (text.match(ipv4Regex) || []).forEach((ip) => targets.add(ip));
+    const fileExtensions = /* @__PURE__ */ new Set([
+      "py",
+      "txt",
+      "sh",
+      "js",
+      "ts",
+      "c",
+      "cpp",
+      "h",
+      "rb",
+      "pl",
+      "go",
+      "rs",
+      "java",
+      "class",
+      "jar",
+      "php",
+      "html",
+      "css",
+      "xml",
+      "json",
+      "yaml",
+      "yml",
+      "toml",
+      "conf",
+      "cfg",
+      "ini",
+      "log",
+      "tmp",
+      "bak",
+      "sql",
+      "db",
+      "csv",
+      "md",
+      "rst",
+      "elf",
+      "bin",
+      "exe",
+      "dll",
+      "so",
+      "o",
+      "a",
+      "png",
+      "jpg",
+      "gif",
+      "pdf",
+      "zip",
+      "gz",
+      "tar",
+      "pcap",
+      "cap",
+      "pem",
+      "key",
+      "crt",
+      "csr",
+      "der",
+      "p12",
+      "enc",
+      "dec"
+    ]);
     const domainRegex = /\b[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,}\b/gi;
-    (text.match(domainRegex) || []).forEach((d) => targets.add(d.toLowerCase()));
+    for (const match of text.match(domainRegex) || []) {
+      const lower = match.toLowerCase();
+      const ext = lower.split(".").pop() || "";
+      if (fileExtensions.has(ext)) continue;
+      if (/^[a-z_][a-z0-9_]*\.[a-z_][a-z0-9_]*$/i.test(match)) continue;
+      targets.add(lower);
+    }
     return targets;
   }
 };
 
-// src/engine/approval.ts
-var CATEGORY_APPROVAL = {
-  [SERVICE_CATEGORIES.NETWORK]: APPROVAL_LEVELS.CONFIRM,
-  [SERVICE_CATEGORIES.WEB]: APPROVAL_LEVELS.CONFIRM,
-  [SERVICE_CATEGORIES.DATABASE]: APPROVAL_LEVELS.REVIEW,
-  [SERVICE_CATEGORIES.AD]: APPROVAL_LEVELS.REVIEW,
-  [SERVICE_CATEGORIES.EMAIL]: APPROVAL_LEVELS.CONFIRM,
-  [SERVICE_CATEGORIES.REMOTE_ACCESS]: APPROVAL_LEVELS.REVIEW,
-  [SERVICE_CATEGORIES.FILE_SHARING]: APPROVAL_LEVELS.CONFIRM,
-  [SERVICE_CATEGORIES.CLOUD]: APPROVAL_LEVELS.REVIEW,
-  [SERVICE_CATEGORIES.CONTAINER]: APPROVAL_LEVELS.REVIEW,
-  [SERVICE_CATEGORIES.API]: APPROVAL_LEVELS.CONFIRM,
-  [SERVICE_CATEGORIES.WIRELESS]: APPROVAL_LEVELS.REVIEW,
-  [SERVICE_CATEGORIES.ICS]: APPROVAL_LEVELS.BLOCK
+// src/engine/approval.ts
+var CATEGORY_APPROVAL = {
+  [SERVICE_CATEGORIES.NETWORK]: APPROVAL_LEVELS.CONFIRM,
+  [SERVICE_CATEGORIES.WEB]: APPROVAL_LEVELS.CONFIRM,
+  [SERVICE_CATEGORIES.DATABASE]: APPROVAL_LEVELS.REVIEW,
+  [SERVICE_CATEGORIES.AD]: APPROVAL_LEVELS.REVIEW,
+  [SERVICE_CATEGORIES.EMAIL]: APPROVAL_LEVELS.CONFIRM,
+  [SERVICE_CATEGORIES.REMOTE_ACCESS]: APPROVAL_LEVELS.REVIEW,
+  [SERVICE_CATEGORIES.FILE_SHARING]: APPROVAL_LEVELS.CONFIRM,
+  [SERVICE_CATEGORIES.CLOUD]: APPROVAL_LEVELS.REVIEW,
+  [SERVICE_CATEGORIES.CONTAINER]: APPROVAL_LEVELS.REVIEW,
+  [SERVICE_CATEGORIES.API]: APPROVAL_LEVELS.CONFIRM,
+  [SERVICE_CATEGORIES.WIRELESS]: APPROVAL_LEVELS.REVIEW,
+  [SERVICE_CATEGORIES.ICS]: APPROVAL_LEVELS.BLOCK
+};
+var ApprovalGate = class {
+  constructor(shouldAutoApprove = false) {
+    this.shouldAutoApprove = shouldAutoApprove;
+  }
+  /**
+   * Set auto-approve mode
+   */
+  setAutoApprove(enabled) {
+    this.shouldAutoApprove = enabled;
+  }
+  /**
+   * Get current auto-approve mode
+   */
+  isAutoApprove() {
+    return this.shouldAutoApprove;
+  }
+  /**
+   * Always approve — Docker container is the security boundary.
+   * The agent must have unrestricted freedom to exploit targets.
+   * Category/level system retained for audit trail only.
+   */
+  async request(_toolCall) {
+    return { isApproved: true };
+  }
+};
+
+// src/shared/constants/pentest.ts
+var WORDLISTS = {
+  // Most commonly used password wordlists
+  ROCKYOU: "/usr/share/wordlists/rockyou.txt",
+  COMMON_PASSWORDS: "/usr/share/seclists/Passwords/common-passwords.txt",
+  PASSWORDS_10K: "/usr/share/seclists/Passwords/Common-Credentials/10k-most-common.txt",
+  // Username lists
+  USERNAMES: "/usr/share/seclists/Usernames/top-usernames-shortlist.txt",
+  // Web content discovery
+  DIRB_COMMON: "/usr/share/wordlists/dirb/common.txt",
+  RAFT_MEDIUM_DIRS: "/usr/share/seclists/Discovery/Web-Content/raft-medium-directories.txt",
+  // DNS/Subdomain discovery
+  SUBDOMAINS: "/usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt",
+  // API testing
+  API_ENDPOINTS: "/usr/share/seclists/Discovery/Web-Content/api/api-endpoints.txt",
+  API_FUZZ: "/usr/share/seclists/Fuzzing/api-fuzz.txt"
+};
+var HASHCAT_MODES = {
+  MD5: "0",
+  SHA1: "100",
+  NTLM: "1000",
+  SHA256: "1400",
+  bcrypt: "3200",
+  WPA: "2500"
+};
+var NOISE_CLASSIFICATION = {
+  HIGH: [
+    "arp_spoof",
+    "mitm_proxy",
+    "packet_sniff",
+    "dns_spoof",
+    "traffic_intercept",
+    "nmap",
+    "masscan",
+    "nuclei",
+    "nikto"
+  ],
+  MEDIUM: [
+    "ffuf",
+    "gobuster",
+    "dirsearch",
+    "feroxbuster"
+  ]
+};
+
+// src/shared/utils/binary-analysis.ts
+function parseChecksec(output) {
+  const info = {};
+  if (/x86-64|amd64/i.test(output)) {
+    info.arch = "amd64";
+    info.bits = 64;
+    info.endian = "little";
+  } else if (/x86|i[3-6]86/i.test(output)) {
+    info.arch = "i386";
+    info.bits = 32;
+    info.endian = "little";
+  } else if (/aarch64|arm64/i.test(output)) {
+    info.arch = "aarch64";
+    info.bits = 64;
+    info.endian = "little";
+  } else if (/arm/i.test(output)) {
+    info.arch = "arm";
+    info.bits = 32;
+    info.endian = "little";
+  } else if (/mips/i.test(output)) {
+    info.arch = "mips";
+    info.bits = 32;
+    info.endian = "big";
+  }
+  if (/no\s+canary|canary\s*(?:not\s+found|disabled|no)/i.test(output)) info.canary = false;
+  else info.canary = /canary\s*(?:found|enabled|yes)/i.test(output);
+  if (/nx\s*(?:disabled|no)|NX:\s*NX disabled/i.test(output)) info.nx = false;
+  else info.nx = /nx\s*(?:enabled|yes)|NX:\s*NX enabled/i.test(output);
+  if (/no\s+pie|pie\s*(?:disabled|not|no)/i.test(output)) info.pie = false;
+  else info.pie = /pie\s*(?:enabled|yes)|Type:\s*DYN/i.test(output);
+  info.stripped = /stripped/i.test(output) && !/not stripped/i.test(output);
+  info.staticallyLinked = /statically linked/i.test(output);
+  if (/full relro/i.test(output)) info.relro = "full";
+  else if (/partial relro/i.test(output)) info.relro = "partial";
+  else info.relro = "no";
+  return info;
+}
+function suggestExploitTechniques(info) {
+  const suggestions = [];
+  if (info.nx === false) {
+    suggestions.push("NX disabled \u2192 Direct shellcode injection on stack/heap");
+    suggestions.push("jmp esp / call esp gadget for stack pivot");
+  }
+  if (info.canary === false) {
+    suggestions.push("No stack canary \u2192 Classic buffer overflow, overwrite return address");
+    if (info.nx) suggestions.push("ROP chain required (NX enabled)");
+  }
+  if (info.pie === false) {
+    suggestions.push("No PIE \u2192 Fixed binary base address, use binary gadgets directly");
+    suggestions.push("ret2plt possible (call functions via PLT)");
+  }
+  if (info.pie === true && info.canary === false) {
+    suggestions.push("PIE enabled \u2192 Need info leak first (partial overwrite, format string)");
+  }
+  if (info.relro === "partial") {
+    suggestions.push("Partial RELRO \u2192 GOT overwrite possible");
+  }
+  if (info.relro === "full") {
+    suggestions.push("Full RELRO \u2192 GOT is read-only, try __malloc_hook/__free_hook or stack-based attacks");
+  }
+  if (info.canary === true) {
+    suggestions.push("Stack canary present \u2192 Look for format string leak, brute force (forking server), or canary bypass");
+  }
+  if (info.bits === 32) {
+    suggestions.push('32-bit binary \u2192 ret2libc straightforward (system + "/bin/sh")');
+    suggestions.push("Smaller address space \u2192 Brute force ASLR feasible");
+  }
+  if (info.bits === 64) {
+    suggestions.push("64-bit \u2192 Arguments passed in registers (RDI, RSI, RDX). Need pop rdi; ret gadget");
+    suggestions.push("One-gadget may work \u2192 one_gadget libc.so");
+  }
+  if (info.staticallyLinked) {
+    suggestions.push("Statically linked \u2192 Lots of ROP gadgets available, ROPchain via ropper/ROPgadget");
+  }
+  return suggestions;
+}
+function formatBinaryAnalysis(info) {
+  const suggestions = suggestExploitTechniques(info);
+  const lines = [
+    "<binary-analysis>",
+    `Arch: ${info.arch || "?"} | Bits: ${info.bits || "?"} | Endian: ${info.endian || "?"}`,
+    `Protections: Canary=${info.canary ?? "?"} NX=${info.nx ?? "?"} PIE=${info.pie ?? "?"} RELRO=${info.relro ?? "?"}`,
+    `Stripped: ${info.stripped ?? "?"} | Static: ${info.staticallyLinked ?? "?"}`,
+    "",
+    "EXPLOIT SUGGESTIONS:",
+    ...suggestions.map((s) => `  \u2192 ${s}`),
+    "</binary-analysis>"
+  ];
+  return lines.join("\n");
+}
+
+// src/shared/utils/structured-output.ts
+function extractNmapStructured(output) {
+  const ports = [];
+  const hosts = [];
+  const portRegex = /(\d+)\/(tcp|udp)\s+(open|filtered)\s+(\S+)[ \t]*([^\n]*)/g;
+  let match;
+  while ((match = portRegex.exec(output)) !== null) {
+    ports.push({
+      port: parseInt(match[1], 10),
+      service: match[4],
+      version: match[5]?.trim() || "",
+      state: match[3]
+    });
+  }
+  const hostRegex = /Nmap scan report for\s+(\S+)/g;
+  while ((match = hostRegex.exec(output)) !== null) {
+    hosts.push(match[1]);
+  }
+  const openCount = ports.filter((p) => p.state === "open").length;
+  const summary = `${hosts.length} host(s), ${openCount} open port(s): ${ports.filter((p) => p.state === "open").map((p) => `${p.port}/${p.service}`).join(", ")}`;
+  return {
+    summary,
+    structured: { openPorts: ports, hosts }
+  };
+}
+function extractFuzzStructured(output) {
+  const paths = [];
+  const pathPatterns = [
+    /\/\S+\s+\(Status:\s*(?:200|301|302|403)\)/g,
+    // gobuster
+    /\|\s*URL\s*\|\s*(\/\S+)/g,
+    // ffuf table
+    /^(\/\S+)\s+\[\d+\]/gm,
+    // feroxbuster
+    /Status:\s*(200|301|302|403)\s+.*?\s+(\/\S+)/g
+    // generic
+  ];
+  for (const pattern of pathPatterns) {
+    let match;
+    while ((match = pattern.exec(output)) !== null) {
+      const path2 = match[1] || match[0];
+      const cleanPath = path2.replace(/\s.*$/, "").trim();
+      if (cleanPath.startsWith("/") && !paths.includes(cleanPath)) {
+        paths.push(cleanPath);
+      }
+    }
+  }
+  const lines = output.split("\n");
+  for (const line of lines) {
+    const pathMatch = line.match(/^\s*(\/\S+)\s/);
+    if (pathMatch && !paths.includes(pathMatch[1])) {
+      paths.push(pathMatch[1]);
+    }
+  }
+  return {
+    summary: `${paths.length} path(s) discovered: ${paths.slice(0, 10).join(", ")}${paths.length > 10 ? "..." : ""}`,
+    structured: { paths }
+  };
+}
+function extractCredentials(output) {
+  const creds = [];
+  const patterns = [
+    // user:password from hydra, medusa, etc.
+    { regex: /login:\s*(\S+)\s+password:\s*(\S+)/gi, type: "password" },
+    // user:hash from hashdump, secretsdump, etc.
+    { regex: /(\S+):(\d+):([a-f0-9]{32}):([a-f0-9]{32})/g, type: "hash" },
+    // Generic user:pass pattern
+    { regex: /(?:username|user|login)\s*[:=]\s*['"]?(\S+?)['"]?\s+(?:password|pass|pwd)\s*[:=]\s*['"]?(\S+?)['"]?/gi, type: "password" },
+    // Database connection strings
+    { regex: /(?:postgres|mysql|mongodb):\/\/([^:]+):([^@]+)@/g, type: "password" },
+    // API tokens/keys
+    { regex: /(?:api[_-]?key|token|secret|bearer)\s*[:=]\s*['"]?([a-zA-Z0-9_\-]{20,})['"]?/gi, type: "token" }
+  ];
+  for (const { regex, type } of patterns) {
+    let match;
+    while ((match = regex.exec(output)) !== null) {
+      const username = match[1] || "unknown";
+      const credential = match[2] || match[1];
+      if (credential && !creds.some((c) => c.username === username && c.credential === credential)) {
+        creds.push({ username, credential, type, source: "auto-extracted" });
+      }
+    }
+  }
+  return creds;
+}
+function extractVulnerabilities(output) {
+  const vulns = [];
+  const cveRegex = /CVE-\d{4}-\d{4,}/g;
+  let match;
+  while ((match = cveRegex.exec(output)) !== null) {
+    const cveId = match[0];
+    if (!vulns.some((v) => v.id === cveId)) {
+      vulns.push({
+        id: cveId,
+        severity: "unknown",
+        description: `${cveId} referenced in output`,
+        hasExploit: /exploit|poc|proof.of.concept/i.test(output)
+      });
+    }
+  }
+  return vulns;
+}
+function autoExtractStructured(toolName, output) {
+  if (!output || output.length < 10) return null;
+  const data = {};
+  let hasData = false;
+  const creds = extractCredentials(output);
+  if (creds && creds.length > 0) {
+    data.credentials = creds;
+    hasData = true;
+  }
+  const vulns = extractVulnerabilities(output);
+  if (vulns && vulns.length > 0) {
+    data.vulnerabilities = vulns;
+    hasData = true;
+  }
+  if (toolName === "parse_nmap" || /nmap scan report/i.test(output)) {
+    const nmap = extractNmapStructured(output);
+    if (nmap.structured.openPorts && nmap.structured.openPorts.length > 0) {
+      data.openPorts = nmap.structured.openPorts;
+      data.hosts = nmap.structured.hosts;
+      hasData = true;
+    }
+  }
+  if (/gobuster|ffuf|feroxbuster|dirbuster/i.test(output)) {
+    const fuzz = extractFuzzStructured(output);
+    if (fuzz.structured.paths && fuzz.structured.paths.length > 0) {
+      data.paths = fuzz.structured.paths;
+      hasData = true;
+    }
+  }
+  if (/canary|RELRO|NX|PIE|Stack|FORTIFY/i.test(output) && /enabled|disabled|found|no /i.test(output)) {
+    const binaryInfo = parseChecksec(output);
+    if (binaryInfo.arch || binaryInfo.canary !== void 0 || binaryInfo.nx !== void 0) {
+      data.binaryInfo = binaryInfo;
+      data.binaryAnalysisSummary = formatBinaryAnalysis(binaryInfo);
+      hasData = true;
+    }
+  }
+  return hasData ? data : null;
+}
+
+// src/shared/utils/ctf-knowledge.ts
+var FLAG_PATTERNS = {
+  // Generic CTF flag formats
+  generic: /flag\{[^}]+\}/gi,
+  curly_upper: /FLAG\{[^}]+\}/g,
+  // Platform-specific — Major International Competitions
+  htb: /HTB\{[^}]+\}/g,
+  thm: /THM\{[^}]+\}/g,
+  picoCTF: /picoCTF\{[^}]+\}/g,
+  defcon_ooo: /OOO\{[^}]+\}/g,
+  // DEF CON CTF (Order of the Overflow)
+  csaw: /CSAW\{[^}]+\}/g,
+  // CSAW CTF
+  google: /CTF\{[^}]+\}/g,
+  // Google CTF
+  dragon: /DrgnS\{[^}]+\}/g,
+  // Dragon Sector
+  hxp: /hxp\{[^}]+\}/g,
+  // hxp CTF
+  zer0pts: /zer0pts\{[^}]+\}/g,
+  // zer0pts CTF
+  // Asia-Pacific Major Competitions
+  seccon: /SECCON\{[^}]+\}/g,
+  // SECCON CTF (Japan)
+  hitcon: /hitcon\{[^}]+\}/gi,
+  // HITCON CTF (Taiwan)
+  codegate: /codegate\{[^}]+\}/gi,
+  // Codegate CTF (Korea)
+  wacon: /WACON\{[^}]+\}/g,
+  // WACON CTF (Korea)
+  linectf: /LINECTF\{[^}]+\}/g,
+  // LINE CTF (Korea/Japan)
+  tsgctf: /TSGCTF\{[^}]+\}/g,
+  // TSG CTF (Japan)
+  kosenctf: /KosenCTF\{[^}]+\}/g,
+  // Kosen CTF (Japan)
+  asis: /ASIS\{[^}]+\}/g,
+  // ASIS CTF (Iran)
+  // Americas / Europe Major Competitions
+  plaidctf: /PCTF\{[^}]+\}/g,
+  // PlaidCTF (PPP)
+  dicectf: /dice\{[^}]+\}/gi,
+  // DiceCTF
+  rwctf: /rwctf\{[^}]+\}/gi,
+  // Real World CTF
+  rctf: /RCTF\{[^}]+\}/g,
+  // RCTF
+  n1ctf: /N1CTF\{[^}]+\}/g,
+  // N1CTF (Nu1L)
+  bctf: /BCTF\{[^}]+\}/g,
+  // BCTF
+  _0ctf: /0CTF\{[^}]+\}/g,
+  // 0CTF (Shanghai)
+  defcamp: /CTF\{[^}]+\}/g,
+  // DefCamp
+  insomnihack: /INS\{[^}]+\}/g,
+  // Insomni'hack
+  justctf: /justCTF\{[^}]+\}/g,
+  // justCTF
+  lactf: /lactf\{[^}]+\}/gi,
+  // LA CTF (UCLA)
+  damctf: /dam\{[^}]+\}/gi,
+  // DamCTF
+  tjctf: /tjctf\{[^}]+\}/gi,
+  // TJCTF
+  buckeye: /buckeye\{[^}]+\}/gi,
+  // BuckeyeCTF
+  uiuctf: /uiuctf\{[^}]+\}/gi,
+  // UIUCTF
+  // Platform-specific
+  cyber_apocalypse: /HTB\{[^}]+\}/g,
+  // HTB Cyber Apocalypse (same as HTB)
+  offshift: /oS\{[^}]+\}/g,
+  // Offshift CTF
+  imaginaryctf: /ictf\{[^}]+\}/gi,
+  // ImaginaryCTF
+  corctf: /corctf\{[^}]+\}/gi,
+  // corCTF
+  // Generic CTFd format — catches most custom competitions
+  ctfd_generic: /[A-Z]{2,10}\{[^}]+\}/g,
+  // Hash-style flags (HTB user.txt / root.txt — 32-char hex)
+  hash_flag: /\b[a-f0-9]{32}\b/g,
+  // Base64-encoded flag detection (common in steganography/forensics)
+  base64_flag: /flag\{[A-Za-z0-9_+\-/=]+\}/gi
+};
+var MIN_FLAG_SCAN_LENGTH = 5;
+function detectFlags(output) {
+  if (!output || output.length < MIN_FLAG_SCAN_LENGTH) return [];
+  const found = /* @__PURE__ */ new Set();
+  for (const pattern of Object.values(FLAG_PATTERNS)) {
+    pattern.lastIndex = 0;
+    const matches = output.match(pattern);
+    if (matches) {
+      for (const m of matches) found.add(m);
+    }
+  }
+  return Array.from(found);
+}
+var CHALLENGE_TYPE_SIGNALS = {
+  web: [
+    "http",
+    "https",
+    "nginx",
+    "apache",
+    "flask",
+    "express",
+    "php",
+    "node",
+    "django",
+    "rails",
+    "wordpress",
+    "login form",
+    "graphql",
+    "websocket",
+    "oauth",
+    "jwt",
+    "cookie",
+    "grpc"
+  ],
+  pwn: [
+    "buffer overflow",
+    "SUID",
+    "stack",
+    "heap",
+    "format string",
+    "ELF",
+    "binary",
+    "pwntools",
+    "libc",
+    "canary",
+    "NX",
+    "PIE",
+    "seccomp",
+    "shellcode",
+    "tcache",
+    "fastbin",
+    "house of"
+  ],
+  crypto: [
+    "RSA",
+    "AES",
+    "cipher",
+    "decrypt",
+    "encrypt",
+    "key",
+    "modulus",
+    "prime",
+    "hash",
+    "base64",
+    "XOR",
+    "padding oracle",
+    "elliptic curve",
+    "lattice",
+    "LLL",
+    "ECDSA",
+    "nonce"
+  ],
+  forensics: [
+    "pcap",
+    "memory dump",
+    "disk image",
+    "steganography",
+    "exif",
+    "binwalk",
+    "volatility",
+    "autopsy",
+    "file carving",
+    "wireshark",
+    "firmware",
+    "ext4",
+    "ntfs",
+    "registry"
+  ],
+  reversing: [
+    "reverse",
+    "disassemble",
+    "decompile",
+    "ghidra",
+    "ida",
+    "radare2",
+    "upx",
+    "packed",
+    "obfuscated",
+    "android",
+    "apk",
+    "angr",
+    "z3",
+    "frida",
+    "crackme",
+    "keygen",
+    "dnspy"
+  ],
+  misc: [
+    "OSINT",
+    "trivia",
+    "scripting",
+    "pyjail",
+    "sandbox escape",
+    "qr code",
+    "morse",
+    "braille",
+    "jail",
+    "rbash",
+    "restricted",
+    "seccomp",
+    "filter bypass",
+    "escape"
+  ]
+};
+
+// src/shared/utils/auto-prompter.ts
+var SECONDARY_TYPE_RATIO = 0.5;
+var MIN_CHALLENGE_CONFIDENCE = 0.2;
+var MIN_RECON_OUTPUT_LENGTH = 100;
+var TYPE_TECHNIQUE_MAP = {
+  web: ["injection", "auth-access", "file-attacks", "crypto"],
+  pwn: ["pwn", "shells", "reversing"],
+  crypto: ["crypto"],
+  forensics: ["forensics", "reversing", "crypto"],
+  reversing: ["reversing", "pwn"],
+  misc: ["sandbox-escape", "crypto", "forensics"],
+  network: ["network-svc", "shells", "lateral", "ad-attack"],
+  unknown: ["network-svc", "injection", "shells", "file-attacks"]
 };
-function getApprovalLevel(toolCall) {
-  if (toolCall.metadata?.approval) return toolCall.metadata.approval;
-  if (toolCall.metadata?.category) {
-    const categoryLevel = CATEGORY_APPROVAL[toolCall.metadata.category];
-    if (categoryLevel === APPROVAL_LEVELS.BLOCK) return APPROVAL_LEVELS.BLOCK;
-  }
-  const tool = toolCall.name;
-  const input = toolCall.input;
-  if (tool === TOOL_NAMES.RUN_CMD) {
-    const command = String(input.command || "").toLowerCase();
-    if (PASSIVE_BINARIES.some((p) => command.includes(p))) {
-      return APPROVAL_LEVELS.AUTO;
-    }
-    if ([CORE_BINARIES.NMAP, CORE_BINARIES.FFUF, CORE_BINARIES.NUCLEI].some((p) => command.includes(p))) {
-      if (toolCall.metadata?.category && CATEGORY_APPROVAL[toolCall.metadata.category] === APPROVAL_LEVELS.REVIEW) {
-        return APPROVAL_LEVELS.REVIEW;
-      }
-      return APPROVAL_LEVELS.CONFIRM;
-    }
-    if ([CORE_BINARIES.SQLMAP, CORE_BINARIES.METASPLOIT, ...EXPLOIT_BINARIES].some((p) => command.includes(p))) {
-      return APPROVAL_LEVELS.REVIEW;
-    }
-  }
-  const autoTools = [
-    // Intelligence & research (read-only)
-    TOOL_NAMES.READ_FILE,
-    TOOL_NAMES.SEARCH_CVE,
-    TOOL_NAMES.PARSE_NMAP,
-    TOOL_NAMES.WEB_SEARCH,
-    TOOL_NAMES.BROWSE_URL,
-    TOOL_NAMES.GET_CVE_INFO,
-    TOOL_NAMES.GET_OWASP_KNOWLEDGE,
-    TOOL_NAMES.GET_WEB_ATTACK_SURFACE,
-    TOOL_NAMES.FILL_FORM,
-    TOOL_NAMES.EXTRACT_URLS,
-    // State recording (internal state mutations only)
-    TOOL_NAMES.ADD_FINDING,
-    TOOL_NAMES.ADD_TARGET,
-    TOOL_NAMES.ADD_LOOT,
-    TOOL_NAMES.UPDATE_MISSION,
-    TOOL_NAMES.UPDATE_TODO,
-    TOOL_NAMES.GET_STATE,
-    TOOL_NAMES.HELP,
-    TOOL_NAMES.HASH_CRACK,
-    // Payload generation (no external effect until used)
-    TOOL_NAMES.PAYLOAD_MUTATE
-  ];
-  if (autoTools.includes(tool)) return APPROVAL_LEVELS.AUTO;
-  return APPROVAL_LEVELS.CONFIRM;
-}
-var ApprovalGate = class {
-  constructor(shouldAutoApprove = false) {
-    this.shouldAutoApprove = shouldAutoApprove;
+var TYPE_PHASE_PROMPT_MAP = {
+  web: "web.md",
+  pwn: "exploit.md",
+  crypto: "recon.md",
+  forensics: "recon.md",
+  reversing: "exploit.md",
+  misc: "recon.md",
+  network: "recon.md",
+  unknown: "recon.md"
+};
+var TYPE_STRATEGY_MAP = {
+  web: "Web challenge detected. Priority: directory fuzzing \u2192 injection testing \u2192 authentication bypass \u2192 file upload \u2192 SSRF/SSTI. Check source code, cookies, JWT tokens.",
+  pwn: "Binary exploitation challenge. Priority: checksec \u2192 binary analysis \u2192 find vulnerability class \u2192 develop exploit. Tools: gdb, pwntools, radare2.",
+  crypto: "Cryptography challenge. Priority: identify algorithm \u2192 find weakness \u2192 write solver script. Check for weak keys, reused nonces, padding oracle, ECB mode.",
+  forensics: "Forensics challenge. Priority: file identification \u2192 extract data \u2192 analyze artifacts. Tools: binwalk, volatility, wireshark, exiftool, foremost.",
+  reversing: "Reverse engineering challenge. Priority: identify binary type \u2192 static analysis \u2192 dynamic analysis \u2192 extract flag/keygen. Tools: ghidra, radare2, ltrace, strace.",
+  misc: "Miscellaneous challenge. Priority: understand the puzzle \u2192 check for sandbox escape, scripting, OSINT, encoding. Think creatively.",
+  network: "Network/infrastructure challenge. Priority: service enumeration \u2192 version CVE search \u2192 exploit \u2192 privilege escalation \u2192 lateral movement.",
+  unknown: "Challenge type unclear. Run broad reconnaissance first, then adapt based on findings."
+};
+function analyzeChallenge(reconData) {
+  if (!reconData || reconData.trim().length === 0) {
+    return {
+      primaryType: "unknown",
+      secondaryTypes: [],
+      confidence: 0,
+      matchedSignals: [],
+      recommendedTechniques: TYPE_TECHNIQUE_MAP.unknown,
+      recommendedPhasePrompt: TYPE_PHASE_PROMPT_MAP.unknown,
+      strategySuggestion: TYPE_STRATEGY_MAP.unknown
+    };
   }
-  /**
-   * Set auto-approve mode
-   */
-  setAutoApprove(enabled) {
-    this.shouldAutoApprove = enabled;
+  const lowerData = reconData.toLowerCase();
+  const scores = {
+    web: { score: 0, signals: [] },
+    pwn: { score: 0, signals: [] },
+    crypto: { score: 0, signals: [] },
+    forensics: { score: 0, signals: [] },
+    reversing: { score: 0, signals: [] },
+    misc: { score: 0, signals: [] },
+    network: { score: 0, signals: [] },
+    unknown: { score: 0, signals: [] }
+  };
+  for (const [type, signals] of Object.entries(CHALLENGE_TYPE_SIGNALS)) {
+    const challengeType = type;
+    if (!(challengeType in scores)) continue;
+    for (const signal of signals) {
+      if (lowerData.includes(signal.toLowerCase())) {
+        scores[challengeType].score++;
+        scores[challengeType].signals.push(signal);
+      }
+    }
   }
-  /**
-   * Get current auto-approve mode
-   */
-  isAutoApprove() {
-    return this.shouldAutoApprove;
+  if (/\b(80|443|8080|8443|3000|5000|8000)\b/.test(reconData)) {
+    scores.web.score += 2;
+    scores.web.signals.push("web-port");
   }
-  async request(toolCall) {
-    if (this.shouldAutoApprove) return { isApproved: true, reason: "Auto-approve enabled" };
-    const level = getApprovalLevel(toolCall);
-    if (level === APPROVAL_LEVELS.AUTO) return { isApproved: true };
-    if (level === APPROVAL_LEVELS.BLOCK) return { isApproved: false, reason: "Policy blocked execution" };
-    return { isApproved: true, reason: `Auto-approved in non-interactive: ${toolCall.name}` };
+  if (/\b(21|22|23|25|53|445|139|3389|5985)\b/.test(reconData)) {
+    scores.network.score += 2;
+    scores.network.signals.push("infra-port");
   }
-};
-
-// src/shared/constants/pentest.ts
-var WORDLISTS = {
-  // Most commonly used password wordlists
-  ROCKYOU: "/usr/share/wordlists/rockyou.txt",
-  COMMON_PASSWORDS: "/usr/share/seclists/Passwords/common-passwords.txt",
-  PASSWORDS_10K: "/usr/share/seclists/Passwords/Common-Credentials/10k-most-common.txt",
-  // Username lists
-  USERNAMES: "/usr/share/seclists/Usernames/top-usernames-shortlist.txt",
-  // Web content discovery
-  DIRB_COMMON: "/usr/share/wordlists/dirb/common.txt",
-  RAFT_MEDIUM_DIRS: "/usr/share/seclists/Discovery/Web-Content/raft-medium-directories.txt",
-  // DNS/Subdomain discovery
-  SUBDOMAINS: "/usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt",
-  // API testing
-  API_ENDPOINTS: "/usr/share/seclists/Discovery/Web-Content/api/api-endpoints.txt",
-  API_FUZZ: "/usr/share/seclists/Fuzzing/api-fuzz.txt"
-};
-var HASHCAT_MODES = {
-  MD5: "0",
-  SHA1: "100",
-  NTLM: "1000",
-  SHA256: "1400",
-  bcrypt: "3200",
-  WPA: "2500"
-};
-var NOISE_CLASSIFICATION = {
-  HIGH: [
-    "arp_spoof",
-    "mitm_proxy",
-    "packet_sniff",
-    "dns_spoof",
-    "traffic_intercept",
-    "nmap",
-    "masscan",
-    "nuclei",
-    "nikto"
-  ],
-  MEDIUM: [
-    "ffuf",
-    "gobuster",
-    "dirsearch",
-    "feroxbuster"
-  ]
-};
+  if (/\.(elf|bin|out|exe)\b/.test(lowerData)) {
+    scores.pwn.score += 3;
+    scores.pwn.signals.push("binary-file");
+  }
+  if (/\.(pcap|pcapng|mem|raw|img|dd)\b/.test(lowerData)) {
+    scores.forensics.score += 3;
+    scores.forensics.signals.push("forensic-file");
+  }
+  if (/\.(py|sage|pem|pub)\b.*(?:encrypt|decrypt|rsa|aes)/i.test(reconData)) {
+    scores.crypto.score += 3;
+    scores.crypto.signals.push("crypto-file");
+  }
+  const sorted = Object.entries(scores).filter(([type]) => type !== "unknown").sort(([, a], [, b]) => b.score - a.score);
+  const [primaryType, primaryData] = sorted[0];
+  const totalSignals = sorted.reduce((sum, [, data]) => sum + data.score, 0);
+  const confidence = totalSignals > 0 ? Math.min(1, primaryData.score / Math.max(totalSignals, 1)) : 0;
+  const threshold = primaryData.score * SECONDARY_TYPE_RATIO;
+  const secondaryTypes = sorted.slice(1).filter(([, data]) => data.score >= threshold && data.score > 0).map(([type]) => type);
+  return {
+    primaryType: primaryData.score > 0 ? primaryType : "unknown",
+    secondaryTypes,
+    confidence,
+    matchedSignals: primaryData.signals,
+    recommendedTechniques: TYPE_TECHNIQUE_MAP[primaryType] || TYPE_TECHNIQUE_MAP.unknown,
+    recommendedPhasePrompt: TYPE_PHASE_PROMPT_MAP[primaryType] || TYPE_PHASE_PROMPT_MAP.unknown,
+    strategySuggestion: TYPE_STRATEGY_MAP[primaryType] || TYPE_STRATEGY_MAP.unknown
+  };
+}
+function formatChallengeAnalysis(analysis) {
+  if (analysis.primaryType === "unknown") return "";
+  const lines = [
+    `<challenge-analysis>`,
+    `Type: ${analysis.primaryType.toUpperCase()} (confidence: ${(analysis.confidence * 100).toFixed(0)}%)`
+  ];
+  if (analysis.secondaryTypes.length > 0) {
+    lines.push(`Secondary: ${analysis.secondaryTypes.join(", ")}`);
+  }
+  lines.push(`Signals: ${analysis.matchedSignals.join(", ")}`);
+  lines.push(`Strategy: ${analysis.strategySuggestion}`);
+  lines.push(`Focus techniques: ${analysis.recommendedTechniques.join(", ")}`);
+  lines.push(`</challenge-analysis>`);
+  return lines.join("\n");
+}
 
 // src/engine/tools/system.ts
 var systemTools = [
@@ -3048,6 +4231,111 @@ Checklist Items: ${state.getMissionChecklist().length}`
   }
 ];
 
+// src/shared/utils/finding-validator.ts
+var VALIDATION_THRESHOLDS = {
+  /** Divisor for base confidence (N+ pattern matches = 100%) */
+  CONFIDENCE_DIVISOR: 2,
+  /** Penalty per false-positive indicator */
+  FALSE_POSITIVE_PENALTY: 0.15,
+  /** Confidence breakpoints for quality classification */
+  QUALITY_STRONG: 0.8,
+  QUALITY_MODERATE: 0.5,
+  /** Minimum confidence for verification */
+  VERIFICATION_MIN: 0.5
+};
+var SUCCESS_PATTERNS = [
+  // Shell access indicators
+  { pattern: /uid=\d+\([^)]+\)\s+gid=\d+/, description: "Unix id output", weight: 1 },
+  { pattern: /root:x:0:0/, description: "/etc/passwd root entry", weight: 0.9 },
+  { pattern: /NT AUTHORITY\\SYSTEM/i, description: "Windows SYSTEM access", weight: 1 },
+  { pattern: /nt authority\\system/i, description: "Windows SYSTEM access (lowercase)", weight: 1 },
+  { pattern: /\$ whoami\s*\n\s*root/, description: "root whoami output", weight: 1 },
+  { pattern: /Administrator/, description: "Windows Administrator", weight: 0.7 },
+  // Database access
+  { pattern: /\d+ rows? in set/, description: "SQL query result", weight: 0.8 },
+  { pattern: /mysql>|postgres[=#]|sqlite>/, description: "Database shell prompt", weight: 0.9 },
+  { pattern: /CREATE TABLE|INSERT INTO|SELECT \*/i, description: "SQL DDL/DML output", weight: 0.7 },
+  // File read success
+  { pattern: /-----BEGIN (RSA |EC |OPENSSH )?PRIVATE KEY-----/, description: "Private key exposure", weight: 1 },
+  { pattern: /-----BEGIN CERTIFICATE-----/, description: "Certificate exposure", weight: 0.6 },
+  { pattern: /DB_PASSWORD|DATABASE_URL|SECRET_KEY/i, description: "Credential in config", weight: 0.8 },
+  // RCE indicators
+  { pattern: /Linux\s+\S+\s+\d+\.\d+/, description: "Linux uname output", weight: 0.7 },
+  { pattern: /Windows\s+(Server\s+)?\d{4}/i, description: "Windows systeminfo", weight: 0.7 },
+  { pattern: /\bwww-data\b/, description: "Web server user context", weight: 0.6 },
+  // Network access
+  { pattern: /Nmap scan report for/, description: "Internal nmap scan (pivoting)", weight: 0.5 },
+  { pattern: /meterpreter\s*>/, description: "Meterpreter session", weight: 1 },
+  // Credential extraction
+  { pattern: /\b[a-f0-9]{32}\b:\b[a-f0-9]{32}\b/, description: "Hash:hash pair", weight: 0.7 },
+  { pattern: /password\s*[:=]\s*\S+/i, description: "Password in output", weight: 0.6 }
+];
+var FALSE_POSITIVE_PATTERNS = [
+  { pattern: /connection refused/i, description: "Connection refused" },
+  { pattern: /access denied/i, description: "Access denied" },
+  { pattern: /permission denied/i, description: "Permission denied" },
+  { pattern: /404 not found/i, description: "404 response" },
+  { pattern: /401 unauthorized/i, description: "Unauthorized" },
+  { pattern: /timeout|timed out/i, description: "Timeout" },
+  { pattern: /error:|exception:/i, description: "Error/Exception" }
+];
+function validateFinding(evidence, severity) {
+  if (!evidence || evidence.length === 0) {
+    return {
+      isVerified: false,
+      confidence: 0,
+      verificationNote: "No evidence provided \u2014 finding is unverified.",
+      evidenceQuality: "none"
+    };
+  }
+  const combinedEvidence = evidence.join("\n");
+  const flags = detectFlags(combinedEvidence);
+  if (flags.length > 0) {
+    return {
+      isVerified: true,
+      confidence: 1,
+      verificationNote: `CTF flag detected in evidence: ${flags[0]}`,
+      evidenceQuality: "strong"
+    };
+  }
+  let totalWeight = 0;
+  const matchedPatterns = [];
+  for (const { pattern, description, weight } of SUCCESS_PATTERNS) {
+    pattern.lastIndex = 0;
+    if (pattern.test(combinedEvidence)) {
+      totalWeight += weight;
+      matchedPatterns.push(description);
+    }
+  }
+  let falsePositiveCount = 0;
+  for (const { pattern } of FALSE_POSITIVE_PATTERNS) {
+    pattern.lastIndex = 0;
+    if (pattern.test(combinedEvidence)) {
+      falsePositiveCount++;
+    }
+  }
+  const baseConfidence = Math.min(1, totalWeight / VALIDATION_THRESHOLDS.CONFIDENCE_DIVISOR);
+  const fpPenalty = falsePositiveCount * VALIDATION_THRESHOLDS.FALSE_POSITIVE_PENALTY;
+  const confidence = Math.max(0, baseConfidence - fpPenalty);
+  let evidenceQuality;
+  if (confidence >= VALIDATION_THRESHOLDS.QUALITY_STRONG) evidenceQuality = "strong";
+  else if (confidence >= VALIDATION_THRESHOLDS.QUALITY_MODERATE) evidenceQuality = "moderate";
+  else if (confidence > 0) evidenceQuality = "weak";
+  else evidenceQuality = "none";
+  const isVerified = confidence >= VALIDATION_THRESHOLDS.VERIFICATION_MIN;
+  const note = matchedPatterns.length > 0 ? `Evidence matches: ${matchedPatterns.join(", ")}. Confidence: ${(confidence * 100).toFixed(0)}%` : `No recognized success patterns in evidence. ${falsePositiveCount > 0 ? `${falsePositiveCount} potential false-positive indicators found.` : "Manual review recommended."}`;
+  return {
+    isVerified,
+    confidence,
+    verificationNote: note,
+    evidenceQuality
+  };
+}
+function formatValidation(result2) {
+  const icon = result2.isVerified ? "\u2705" : "\u26A0\uFE0F";
+  return `${icon} Verified: ${result2.isVerified} | Quality: ${result2.evidenceQuality} | ${result2.verificationNote}`;
+}
+
 // src/engine/tools/pentest-target-tools.ts
 var createTargetTools = (state) => [
   {
@@ -3114,6 +4402,9 @@ The target will be tracked in SharedState and available for all agents.`,
         tags: p.tags || [],
         firstSeen: Date.now()
       });
+      for (const port of ports) {
+        state.attackGraph.addService(ip, port.port, port.service, port.version);
+      }
       return { success: true, output: `Target ${ip} added.${p.hostname ? ` Hostname: ${p.hostname}` : ""} Ports: ${ports.length}` };
     }
   },
@@ -3132,19 +4423,28 @@ Types: credential, hash, token, ssh_key, api_key, file, session, ticket, certifi
     execute: async (p) => {
       const lootType = p.type;
       const crackableTypes = ["hash"];
+      const detail = p.detail;
+      const host = p.host;
       state.addLoot({
         type: lootType,
-        host: p.host,
-        detail: p.detail,
+        host,
+        detail,
         obtainedAt: Date.now(),
         isCrackable: crackableTypes.includes(lootType),
         isCracked: false
       });
+      if (["credential", "token", "ssh_key", "api_key"].includes(lootType)) {
+        const parts = detail.split(":");
+        if (parts.length >= 2) {
+          state.attackGraph.addCredential(parts[0], parts.slice(1).join(":"), host);
+        }
+      }
+      state.episodicMemory.record("access_gained", `Loot [${lootType}] from ${host}: ${detail.slice(0, DISPLAY_LIMITS.MEMORY_EVENT_PREVIEW)}`);
       return {
         success: true,
-        output: `Loot recorded: [${lootType}] from ${p.host}
-Detail: ${p.detail}
-` + (crackableTypes.includes(lootType) ? `This is crackable. Consider: hash_crack({ hashes: "${p.detail.slice(0, DISPLAY_LIMITS.LOOT_DETAIL_PREVIEW)}..." })` : `Consider credential reuse / lateral movement with this loot.`)
+        output: `Loot recorded: [${lootType}] from ${host}
+Detail: ${detail}
+` + (crackableTypes.includes(lootType) ? `This is crackable. Consider: hash_crack({ hashes: "${detail.slice(0, DISPLAY_LIMITS.LOOT_DETAIL_PREVIEW)}..." })` : `Consider credential reuse / lateral movement with this loot.`)
       };
     }
   },
@@ -3158,18 +4458,34 @@ Detail: ${p.detail}
     },
     required: ["title", "severity"],
     execute: async (p) => {
+      const evidence = p.evidence || [];
+      const title = p.title;
+      const severity = p.severity;
+      const affected = p.affected || [];
+      const validation = validateFinding(evidence, severity);
       state.addFinding({
         id: generateId(ID_RADIX, ID_LENGTH),
-        title: p.title,
-        severity: p.severity,
-        affected: p.affected || [],
+        title,
+        severity,
+        affected,
         description: p.description || "",
-        evidence: [],
-        isVerified: false,
+        evidence,
+        isVerified: validation.isVerified,
         remediation: "",
         foundAt: Date.now()
       });
-      return { success: true, output: `Added: ${p.title}` };
+      const hasExploit = validation.isVerified;
+      const target = affected[0] || "unknown";
+      state.attackGraph.addVulnerability(title, target, severity, hasExploit);
+      state.episodicMemory.record(
+        validation.isVerified ? "tool_success" : "tool_failure",
+        `Finding: ${title} (${severity}) \u2014 ${formatValidation(validation)}`
+      );
+      return {
+        success: true,
+        output: `Added: ${title}
+${formatValidation(validation)}`
+      };
     }
   }
 ];
@@ -3226,7 +4542,7 @@ var SEARCH_LIMIT = {
 };
 
 // src/engine/tools/web-browser.ts
-import { join as join5 } from "path";
+import { join as join6 } from "path";
 import { tmpdir as tmpdir3 } from "os";
 
 // src/shared/constants/browser/config.ts
@@ -3277,8 +4593,8 @@ var PLAYWRIGHT_SCRIPT = {
 
 // src/engine/tools/web-browser-setup.ts
 import { spawn as spawn4 } from "child_process";
-import { existsSync as existsSync4 } from "fs";
-import { join as join3, dirname as dirname2 } from "path";
+import { existsSync as existsSync5 } from "fs";
+import { join as join4, dirname as dirname2 } from "path";
 function getPlaywrightPath() {
   try {
     const mainPath = __require.resolve("playwright");
@@ -3286,13 +4602,13 @@ function getPlaywrightPath() {
   } catch {
   }
   const dockerPath = "/app/node_modules/playwright";
-  if (existsSync4(dockerPath)) return dockerPath;
+  if (existsSync5(dockerPath)) return dockerPath;
   const nodePath = process.env.NODE_PATH || "";
   for (const dir of nodePath.split(":").filter(Boolean)) {
-    const candidate = join3(dir, "playwright");
-    if (existsSync4(candidate)) return candidate;
+    const candidate = join4(dir, "playwright");
+    if (existsSync5(candidate)) return candidate;
   }
-  return join3(process.cwd(), "node_modules", "playwright");
+  return join4(process.cwd(), "node_modules", "playwright");
 }
 async function checkPlaywright() {
   try {
@@ -3343,19 +4659,19 @@ async function installPlaywright() {
 
 // src/engine/tools/web-browser-script.ts
 import { spawn as spawn5 } from "child_process";
-import { writeFileSync as writeFileSync4, unlinkSync as unlinkSync2 } from "fs";
-import { join as join4 } from "path";
+import { writeFileSync as writeFileSync5, unlinkSync as unlinkSync2 } from "fs";
+import { join as join5 } from "path";
 import { tmpdir as tmpdir2 } from "os";
 function safeJsString(str) {
   return JSON.stringify(str);
 }
 function runPlaywrightScript(script, timeout, scriptPrefix) {
   return new Promise((resolve) => {
-    const tempDir = join4(tmpdir2(), BROWSER_PATHS.TEMP_DIR_NAME);
+    const tempDir = join5(tmpdir2(), BROWSER_PATHS.TEMP_DIR_NAME);
     ensureDirExists(tempDir);
-    const scriptPath = join4(tempDir, `${scriptPrefix}-${Date.now()}${PLAYWRIGHT_SCRIPT.EXTENSION}`);
+    const scriptPath = join5(tempDir, `${scriptPrefix}-${Date.now()}${PLAYWRIGHT_SCRIPT.EXTENSION}`);
     try {
-      writeFileSync4(scriptPath, script, "utf-8");
+      writeFileSync5(scriptPath, script, "utf-8");
     } catch (err) {
       resolve({
         success: false,
@@ -3366,7 +4682,7 @@ function runPlaywrightScript(script, timeout, scriptPrefix) {
     }
     const nodePathDirs = [
       "/app/node_modules",
-      join4(process.cwd(), "node_modules"),
+      join5(process.cwd(), "node_modules"),
       process.env.NODE_PATH || ""
     ].filter(Boolean).join(":");
     const child = spawn5(PLAYWRIGHT_CMD.NODE, [scriptPath], {
@@ -3573,7 +4889,7 @@ async function browseUrl(url, options = {}) {
       };
     }
   }
-  const screenshotPath = browserOptions.screenshot ? join5(join5(tmpdir3(), BROWSER_PATHS.TEMP_DIR_NAME), `screenshot-${Date.now()}.png`) : void 0;
+  const screenshotPath = browserOptions.screenshot ? join6(join6(tmpdir3(), BROWSER_PATHS.TEMP_DIR_NAME), `screenshot-${Date.now()}.png`) : void 0;
   const script = buildBrowseScript(url, browserOptions, screenshotPath);
   const result2 = await runPlaywrightScript(script, browserOptions.timeout, "browse");
   if (!result2.success) {
@@ -4853,8 +6169,8 @@ Returns: All available wordlists with their paths, sizes, and categories.`,
       }
     },
     execute: async (p) => {
-      const { existsSync: existsSync8, statSync: statSync2, readdirSync: readdirSync3 } = await import("fs");
-      const { join: join10 } = await import("path");
+      const { existsSync: existsSync9, statSync: statSync2, readdirSync: readdirSync3 } = await import("fs");
+      const { join: join11 } = await import("path");
       const category = p.category || "";
       const search = p.search || "";
       const minSize = p.min_size || 0;
@@ -4900,7 +6216,7 @@ Returns: All available wordlists with their paths, sizes, and categories.`,
         results.push("");
       };
       const scanDir = (dirPath, maxDepth = 3, depth = 0) => {
-        if (depth > maxDepth || !existsSync8(dirPath)) return;
+        if (depth > maxDepth || !existsSync9(dirPath)) return;
         let entries;
         try {
           entries = readdirSync3(dirPath, { withFileTypes: true });
@@ -4909,7 +6225,7 @@ Returns: All available wordlists with their paths, sizes, and categories.`,
         }
         for (const entry of entries) {
           if (entry.name.startsWith(".") || SKIP_DIRS.has(entry.name)) continue;
-          const fullPath = join10(dirPath, entry.name);
+          const fullPath = join11(dirPath, entry.name);
           if (entry.isDirectory()) {
             scanDir(fullPath, maxDepth, depth + 1);
             continue;
@@ -5283,8 +6599,8 @@ Requires root/sudo privileges.`,
       const iface = p.interface || "";
       const duration = p.duration || NETWORK_CONFIG.DEFAULT_SPOOF_DURATION;
       const hostsFile = createTempFile(".hosts");
-      const { writeFileSync: writeFileSync7 } = await import("fs");
-      writeFileSync7(hostsFile, `${spoofIp}	${domain}
+      const { writeFileSync: writeFileSync8 } = await import("fs");
+      writeFileSync8(hostsFile, `${spoofIp}	${domain}
 ${spoofIp}	*.${domain}
 `);
       const ifaceFlag = iface ? `-i ${iface}` : "";
@@ -5827,8 +7143,13 @@ var ToolRegistry = class {
     return this.tools.get(name);
   }
   /**
-   * Execute tool with integrated safety pipeline (Scope -> Approval -> Execution -> Log)
-   * Implements §8-1 (Safe Execution Pattern).
+   * Execute tool with integrated pipeline:
+   * Scope → Approval → Execution → Memory → Structured Extract → Log
+   *
+   * Enhancements integrated:
+   * - #2: Auto-Prompter trigger after initial recon
+   * - #10: Structured output extraction
+   * - #12: Working memory (success/failure tracking)
    */
   async execute(toolCall) {
     const tool = this.getTool(toolCall.name);
@@ -5841,6 +7162,43 @@ var ToolRegistry = class {
       return { success: false, output: "", error: approval.reason || "Denied by policy" };
     }
     const result2 = await tool.execute(toolCall.input);
+    const command = String(toolCall.input.command || toolCall.input.url || toolCall.input.query || "");
+    if (result2.success) {
+      this.state.workingMemory.recordSuccess(toolCall.name, command, result2.output || "");
+    } else {
+      this.state.workingMemory.recordFailure(toolCall.name, command, result2.error || "Unknown error");
+    }
+    if (result2.success && result2.output) {
+      const structured = autoExtractStructured(toolCall.name, result2.output);
+      if (structured) {
+        const additions = [];
+        if (structured.credentials && structured.credentials.length > 0) {
+          additions.push(`
+[AUTO-EXTRACTED] ${structured.credentials.length} credential(s) found`);
+        }
+        if (structured.vulnerabilities && structured.vulnerabilities.length > 0) {
+          additions.push(`
+[AUTO-EXTRACTED] ${structured.vulnerabilities.length} CVE reference(s) found`);
+        }
+        if (structured.binaryAnalysisSummary) {
+          additions.push(`
+[AUTO-EXTRACTED] Binary analysis:
+${structured.binaryAnalysisSummary}`);
+        }
+        if (additions.length > 0) {
+          result2.output += additions.join("");
+        }
+      }
+    }
+    if (result2.success && !this.state.getChallengeAnalysis()) {
+      const reconTools = [TOOL_NAMES.RUN_CMD, TOOL_NAMES.BROWSE_URL, TOOL_NAMES.PARSE_NMAP];
+      if (reconTools.includes(toolCall.name) && result2.output && result2.output.length > MIN_RECON_OUTPUT_LENGTH) {
+        const analysis = analyzeChallenge(result2.output);
+        if (analysis.confidence > MIN_CHALLENGE_CONFIDENCE) {
+          this.state.setChallengeAnalysis(analysis);
+        }
+      }
+    }
     this.logSuccessfulAction(toolCall, approval, result2);
     return result2;
   }
@@ -5977,7 +7335,7 @@ var ServiceParser = class {
 };
 
 // src/domains/registry.ts
-import { join as join6, dirname as dirname3 } from "path";
+import { join as join7, dirname as dirname3 } from "path";
 import { fileURLToPath as fileURLToPath2 } from "url";
 var __dirname2 = dirname3(fileURLToPath2(import.meta.url));
 var DOMAINS = {
@@ -5985,73 +7343,73 @@ var DOMAINS = {
     id: SERVICE_CATEGORIES.NETWORK,
     name: "Network Infrastructure",
     description: "Vulnerability scanning, port mapping, and network service exploitation.",
-    promptPath: join6(__dirname2, "network/prompt.md")
+    promptPath: join7(__dirname2, "network/prompt.md")
   },
   [SERVICE_CATEGORIES.WEB]: {
     id: SERVICE_CATEGORIES.WEB,
     name: "Web Application",
     description: "Web app security testing, injection attacks, and auth bypass.",
-    promptPath: join6(__dirname2, "web/prompt.md")
+    promptPath: join7(__dirname2, "web/prompt.md")
   },
   [SERVICE_CATEGORIES.DATABASE]: {
     id: SERVICE_CATEGORIES.DATABASE,
     name: "Database Security",
     description: "SQL injection, database enumeration, and data extraction.",
-    promptPath: join6(__dirname2, "database/prompt.md")
+    promptPath: join7(__dirname2, "database/prompt.md")
   },
   [SERVICE_CATEGORIES.AD]: {
     id: SERVICE_CATEGORIES.AD,
     name: "Active Directory",
     description: "Kerberos, LDAP, and Windows domain privilege escalation.",
-    promptPath: join6(__dirname2, "ad/prompt.md")
+    promptPath: join7(__dirname2, "ad/prompt.md")
   },
   [SERVICE_CATEGORIES.EMAIL]: {
     id: SERVICE_CATEGORIES.EMAIL,
     name: "Email Services",
     description: "SMTP, IMAP, POP3 security and user enumeration.",
-    promptPath: join6(__dirname2, "email/prompt.md")
+    promptPath: join7(__dirname2, "email/prompt.md")
   },
   [SERVICE_CATEGORIES.REMOTE_ACCESS]: {
     id: SERVICE_CATEGORIES.REMOTE_ACCESS,
     name: "Remote Access",
     description: "SSH, RDP, VNC and other remote control protocols.",
-    promptPath: join6(__dirname2, "remote-access/prompt.md")
+    promptPath: join7(__dirname2, "remote-access/prompt.md")
   },
   [SERVICE_CATEGORIES.FILE_SHARING]: {
     id: SERVICE_CATEGORIES.FILE_SHARING,
     name: "File Sharing",
     description: "SMB, NFS, FTP and shared resource security.",
-    promptPath: join6(__dirname2, "file-sharing/prompt.md")
+    promptPath: join7(__dirname2, "file-sharing/prompt.md")
   },
   [SERVICE_CATEGORIES.CLOUD]: {
     id: SERVICE_CATEGORIES.CLOUD,
     name: "Cloud Infrastructure",
     description: "AWS, Azure, and GCP security and misconfiguration.",
-    promptPath: join6(__dirname2, "cloud/prompt.md")
+    promptPath: join7(__dirname2, "cloud/prompt.md")
   },
   [SERVICE_CATEGORIES.CONTAINER]: {
     id: SERVICE_CATEGORIES.CONTAINER,
     name: "Container Systems",
     description: "Docker and Kubernetes security testing.",
-    promptPath: join6(__dirname2, "container/prompt.md")
+    promptPath: join7(__dirname2, "container/prompt.md")
   },
   [SERVICE_CATEGORIES.API]: {
     id: SERVICE_CATEGORIES.API,
     name: "API Security",
     description: "REST, GraphQL, and SOAP API security testing.",
-    promptPath: join6(__dirname2, "api/prompt.md")
+    promptPath: join7(__dirname2, "api/prompt.md")
   },
   [SERVICE_CATEGORIES.WIRELESS]: {
     id: SERVICE_CATEGORIES.WIRELESS,
     name: "Wireless Networks",
     description: "WiFi and Bluetooth security testing.",
-    promptPath: join6(__dirname2, "wireless/prompt.md")
+    promptPath: join7(__dirname2, "wireless/prompt.md")
   },
   [SERVICE_CATEGORIES.ICS]: {
     id: SERVICE_CATEGORIES.ICS,
     name: "Industrial Systems",
     description: "Critical infrastructure - Modbus, DNP3, ENIP.",
-    promptPath: join6(__dirname2, "ics/prompt.md")
+    promptPath: join7(__dirname2, "ics/prompt.md")
   }
 };
 
@@ -6608,13 +7966,13 @@ function logLLM(message, data) {
 
 // src/engine/orchestrator/orchestrator.ts
 import { fileURLToPath as fileURLToPath3 } from "url";
-import { dirname as dirname4, join as join7 } from "path";
+import { dirname as dirname4, join as join8 } from "path";
 var __filename2 = fileURLToPath3(import.meta.url);
 var __dirname3 = dirname4(__filename2);
 
 // src/engine/state-persistence.ts
-import { writeFileSync as writeFileSync5, readFileSync as readFileSync3, existsSync as existsSync5, readdirSync, statSync, unlinkSync as unlinkSync3 } from "fs";
-import { join as join8 } from "path";
+import { writeFileSync as writeFileSync6, readFileSync as readFileSync4, existsSync as existsSync6, readdirSync, statSync, unlinkSync as unlinkSync3 } from "fs";
+import { join as join9 } from "path";
 function saveState(state) {
   const sessionsDir = WORKSPACE.SESSIONS;
   ensureDirExists(sessionsDir);
@@ -6632,10 +7990,10 @@ function saveState(state) {
     missionChecklist: state.getMissionChecklist()
   };
   const sessionId = (/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-");
-  const sessionFile = join8(sessionsDir, `${sessionId}.json`);
-  writeFileSync5(sessionFile, JSON.stringify(snapshot, null, 2), "utf-8");
-  const latestFile = join8(sessionsDir, "latest.json");
-  writeFileSync5(latestFile, JSON.stringify(snapshot, null, 2), "utf-8");
+  const sessionFile = join9(sessionsDir, `${sessionId}.json`);
+  writeFileSync6(sessionFile, JSON.stringify(snapshot, null, 2), "utf-8");
+  const latestFile = join9(sessionsDir, "latest.json");
+  writeFileSync6(latestFile, JSON.stringify(snapshot, null, 2), "utf-8");
   pruneOldSessions(sessionsDir);
   return sessionFile;
 }
@@ -6643,8 +8001,8 @@ function pruneOldSessions(sessionsDir) {
   try {
     const sessionFiles = readdirSync(sessionsDir).filter((f) => f.endsWith(".json") && f !== "latest.json").map((f) => ({
       name: f,
-      path: join8(sessionsDir, f),
-      mtime: statSync(join8(sessionsDir, f)).mtimeMs
+      path: join9(sessionsDir, f),
+      mtime: statSync(join9(sessionsDir, f)).mtimeMs
     })).sort((a, b) => b.mtime - a.mtime);
     const toDelete = sessionFiles.slice(AGENT_LIMITS.MAX_SESSION_FILES);
     for (const file of toDelete) {
@@ -6654,12 +8012,12 @@ function pruneOldSessions(sessionsDir) {
   }
 }
 function loadState(state) {
-  const latestFile = join8(WORKSPACE.SESSIONS, "latest.json");
-  if (!existsSync5(latestFile)) {
+  const latestFile = join9(WORKSPACE.SESSIONS, "latest.json");
+  if (!existsSync6(latestFile)) {
     return false;
   }
   try {
-    const raw = readFileSync3(latestFile, "utf-8");
+    const raw = readFileSync4(latestFile, "utf-8");
     const snapshot = JSON.parse(raw);
     if (snapshot.version !== 1) {
       debugLog("general", `Unknown snapshot version: ${snapshot.version}`);
@@ -6696,105 +8054,6 @@ function loadState(state) {
   }
 }
 
-// src/shared/utils/ctf-knowledge.ts
-var FLAG_PATTERNS = {
-  // Generic CTF flag formats
-  generic: /flag\{[^}]+\}/gi,
-  curly_upper: /FLAG\{[^}]+\}/g,
-  // Platform-specific — Major International Competitions
-  htb: /HTB\{[^}]+\}/g,
-  thm: /THM\{[^}]+\}/g,
-  picoCTF: /picoCTF\{[^}]+\}/g,
-  defcon_ooo: /OOO\{[^}]+\}/g,
-  // DEF CON CTF (Order of the Overflow)
-  csaw: /CSAW\{[^}]+\}/g,
-  // CSAW CTF
-  google: /CTF\{[^}]+\}/g,
-  // Google CTF
-  dragon: /DrgnS\{[^}]+\}/g,
-  // Dragon Sector
-  hxp: /hxp\{[^}]+\}/g,
-  // hxp CTF
-  zer0pts: /zer0pts\{[^}]+\}/g,
-  // zer0pts CTF
-  // Asia-Pacific Major Competitions
-  seccon: /SECCON\{[^}]+\}/g,
-  // SECCON CTF (Japan)
-  hitcon: /hitcon\{[^}]+\}/gi,
-  // HITCON CTF (Taiwan)
-  codegate: /codegate\{[^}]+\}/gi,
-  // Codegate CTF (Korea)
-  wacon: /WACON\{[^}]+\}/g,
-  // WACON CTF (Korea)
-  linectf: /LINECTF\{[^}]+\}/g,
-  // LINE CTF (Korea/Japan)
-  tsgctf: /TSGCTF\{[^}]+\}/g,
-  // TSG CTF (Japan)
-  kosenctf: /KosenCTF\{[^}]+\}/g,
-  // Kosen CTF (Japan)
-  asis: /ASIS\{[^}]+\}/g,
-  // ASIS CTF (Iran)
-  // Americas / Europe Major Competitions
-  plaidctf: /PCTF\{[^}]+\}/g,
-  // PlaidCTF (PPP)
-  dicectf: /dice\{[^}]+\}/gi,
-  // DiceCTF
-  rwctf: /rwctf\{[^}]+\}/gi,
-  // Real World CTF
-  rctf: /RCTF\{[^}]+\}/g,
-  // RCTF
-  n1ctf: /N1CTF\{[^}]+\}/g,
-  // N1CTF (Nu1L)
-  bctf: /BCTF\{[^}]+\}/g,
-  // BCTF
-  _0ctf: /0CTF\{[^}]+\}/g,
-  // 0CTF (Shanghai)
-  defcamp: /CTF\{[^}]+\}/g,
-  // DefCamp
-  insomnihack: /INS\{[^}]+\}/g,
-  // Insomni'hack
-  justctf: /justCTF\{[^}]+\}/g,
-  // justCTF
-  lactf: /lactf\{[^}]+\}/gi,
-  // LA CTF (UCLA)
-  damctf: /dam\{[^}]+\}/gi,
-  // DamCTF
-  tjctf: /tjctf\{[^}]+\}/gi,
-  // TJCTF
-  buckeye: /buckeye\{[^}]+\}/gi,
-  // BuckeyeCTF
-  uiuctf: /uiuctf\{[^}]+\}/gi,
-  // UIUCTF
-  // Platform-specific
-  cyber_apocalypse: /HTB\{[^}]+\}/g,
-  // HTB Cyber Apocalypse (same as HTB)
-  offshift: /oS\{[^}]+\}/g,
-  // Offshift CTF
-  imaginaryctf: /ictf\{[^}]+\}/gi,
-  // ImaginaryCTF
-  corctf: /corctf\{[^}]+\}/gi,
-  // corCTF
-  // Generic CTFd format — catches most custom competitions
-  ctfd_generic: /[A-Z]{2,10}\{[^}]+\}/g,
-  // Hash-style flags (HTB user.txt / root.txt — 32-char hex)
-  hash_flag: /\b[a-f0-9]{32}\b/g,
-  // Base64-encoded flag detection (common in steganography/forensics)
-  base64_flag: /flag\{[A-Za-z0-9_+\-/=]+\}/gi
-};
-var MIN_FLAG_SCAN_LENGTH = 5;
-function detectFlags(output) {
-  if (!output || output.length < MIN_FLAG_SCAN_LENGTH) return [];
-  const found = /* @__PURE__ */ new Set();
-  for (const pattern of Object.values(FLAG_PATTERNS)) {
-    pattern.lastIndex = 0;
-    const matches = output.match(pattern);
-    if (matches) {
-      for (const m of matches) found.add(m);
-    }
-  }
-  return Array.from(found);
-}
-
 // src/agents/tool-error-enrichment.ts
 function enrichToolErrorContext(ctx) {
   const { toolName, input, error, originalOutput, progress } = ctx;
@@ -6876,6 +8135,21 @@ function appendBlockedCommandHints(lines, errorLower) {
 var MIN_COMPRESS_LENGTH = 3e3;
 var SUMMARY_HEADER = "\u2550\u2550\u2550 INTELLIGENCE SUMMARY (auto-extracted) \u2550\u2550\u2550";
 var SUMMARY_FOOTER = "\u2550\u2550\u2550 END SUMMARY \u2014 Full output follows \u2550\u2550\u2550";
+var EXTRACT_LIMITS = {
+  NMAP_PORTS: 30,
+  NMAP_VULNS: 10,
+  LINPEAS_SUDO: 500,
+  LINPEAS_WRITABLE: 300,
+  LINPEAS_CRON: 5,
+  LINPEAS_PASSWORDS: 5,
+  ENUM4LINUX_SHARES: 10,
+  DIRBUST_PATHS: 20,
+  SQLMAP_INJECTIONS: 5,
+  HASH_NTLM: 5,
+  HASH_PREVIEW_LEN: 100,
+  GENERIC_CREDS: 5,
+  GENERIC_PATHS: 10
+};
 var TOOL_SIGNATURES = [
   {
     name: "nmap",
@@ -6950,7 +8224,7 @@ function extractNmapIntel(output) {
   const portLines = lines.filter((l) => /^\d+\/\w+\s+open\s+/.test(l.trim()));
   if (portLines.length > 0) {
     intel.push("Open ports:");
-    for (const pl of portLines.slice(0, 30)) {
+    for (const pl of portLines.slice(0, EXTRACT_LIMITS.NMAP_PORTS)) {
       intel.push(`  ${pl.trim()}`);
     }
   }
@@ -6959,7 +8233,7 @@ function extractNmapIntel(output) {
   );
   if (vulnLines.length > 0) {
     intel.push("\u26A0\uFE0F  Vulnerability indicators:");
-    for (const vl of vulnLines.slice(0, 10)) {
+    for (const vl of vulnLines.slice(0, EXTRACT_LIMITS.NMAP_VULNS)) {
       intel.push(`  ${vl.trim()}`);
     }
   }
@@ -6983,18 +8257,18 @@ function extractLinpeasIntel(output) {
   }
   const sudoMatch = output.match(/User \S+ may run[\s\S]*?(?=\n\n|\n[═╔╗━])/i);
   if (sudoMatch) {
-    intel.push(`\u{1F534} sudo -l: ${sudoMatch[0].trim().slice(0, 500)}`);
+    intel.push(`\u{1F534} sudo -l: ${sudoMatch[0].trim().slice(0, EXTRACT_LIMITS.LINPEAS_SUDO)}`);
   }
   const writableMatch = output.match(/Interesting writable[\s\S]*?(?=\n\n|\n[═╔╗━])/i);
   if (writableMatch) {
-    intel.push(`\u{1F4DD} Writable: ${writableMatch[0].trim().slice(0, 300)}`);
+    intel.push(`\u{1F4DD} Writable: ${writableMatch[0].trim().slice(0, EXTRACT_LIMITS.LINPEAS_WRITABLE)}`);
   }
   const cronMatch = output.match(/Cron[\s\S]*?(?=\n\n|\n[═╔╗━])/i);
   if (cronMatch) {
     const cronLines = cronMatch[0].split("\n").filter((l) => l.includes("*") || /\/(root|cron)/i.test(l));
     if (cronLines.length > 0) {
       intel.push("\u23F0 Cron entries:");
-      cronLines.slice(0, 5).forEach((c) => intel.push(`  ${c.trim()}`));
+      cronLines.slice(0, EXTRACT_LIMITS.LINPEAS_CRON).forEach((c) => intel.push(`  ${c.trim()}`));
     }
   }
   const kernelMatch = output.match(/Linux version\s+(\S+)/i) || output.match(/Kernel:\s*(\S+)/i);
@@ -7004,7 +8278,7 @@ function extractLinpeasIntel(output) {
   );
   if (passLines.length > 0) {
     intel.push("\u{1F511} Potential credentials found:");
-    passLines.slice(0, 5).forEach((p) => intel.push(`  ${p.trim()}`));
+    passLines.slice(0, EXTRACT_LIMITS.LINPEAS_PASSWORDS).forEach((p) => intel.push(`  ${p.trim()}`));
   }
   const cveMatches = output.match(/CVE-\d{4}-\d+/gi);
   if (cveMatches) {
@@ -7022,7 +8296,7 @@ function extractEnum4linuxIntel(output) {
   }
   const shareMatches = output.match(/Mapping: (\S+),\s*Listing: (\S+)/gi) || output.match(/\\\\\S+\\\\\S+/g);
   if (shareMatches) {
-    intel.push(`\u{1F4C2} Shares: ${shareMatches.slice(0, 10).join(", ")}`);
+    intel.push(`\u{1F4C2} Shares: ${shareMatches.slice(0, EXTRACT_LIMITS.ENUM4LINUX_SHARES).join(", ")}`);
   }
   const domainMatch = output.match(/Domain:\s*\[(\S+?)\]/i) || output.match(/Workgroup:\s*\[(\S+?)\]/i);
   if (domainMatch) intel.push(`\u{1F3E2} Domain: ${domainMatch[1]}`);
@@ -7050,9 +8324,9 @@ function extractDirBustIntel(output) {
   }
   if (interestingPaths.length > 0) {
     intel.push(`\u{1F4C1} Discovered paths (${interestingPaths.length}):`);
-    interestingPaths.slice(0, 20).forEach((p) => intel.push(`  ${p}`));
-    if (interestingPaths.length > 20) {
-      intel.push(`  ... and ${interestingPaths.length - 20} more`);
+    interestingPaths.slice(0, EXTRACT_LIMITS.DIRBUST_PATHS).forEach((p) => intel.push(`  ${p}`));
+    if (interestingPaths.length > EXTRACT_LIMITS.DIRBUST_PATHS) {
+      intel.push(`  ... and ${interestingPaths.length - EXTRACT_LIMITS.DIRBUST_PATHS} more`);
     }
   }
   return intel;
@@ -7062,7 +8336,7 @@ function extractSqlmapIntel(output) {
   const injectionTypes = output.match(/Type:\s*(\S.*?)(?:\n|$)/gi);
   if (injectionTypes) {
     intel.push("\u{1F489} SQL injection found:");
-    injectionTypes.slice(0, 5).forEach((t) => intel.push(`  ${t.trim()}`));
+    injectionTypes.slice(0, EXTRACT_LIMITS.SQLMAP_INJECTIONS).forEach((t) => intel.push(`  ${t.trim()}`));
   }
   const dbMatch = output.match(/back-end DBMS:\s*(.+)/i);
   if (dbMatch) intel.push(`\u{1F5C4}\uFE0F DBMS: ${dbMatch[1].trim()}`);
@@ -7088,7 +8362,7 @@ function extractHashIntel(output) {
   if (unixHashes.length > 0) intel.push(`#\uFE0F\u20E3 Unix crypt hashes: ${unixHashes.length}`);
   if (ntlmHashes.length > 0) {
     intel.push(`#\uFE0F\u20E3 NTLM hashes: ${ntlmHashes.length}`);
-    ntlmHashes.slice(0, 5).forEach((h) => intel.push(`  ${h.trim().slice(0, 100)}`));
+    ntlmHashes.slice(0, EXTRACT_LIMITS.HASH_NTLM).forEach((h) => intel.push(`  ${h.trim().slice(0, EXTRACT_LIMITS.HASH_PREVIEW_LEN)}`));
   }
   return intel;
 }
@@ -7097,7 +8371,7 @@ function extractGenericIntel(output) {
   const credPatterns = output.match(/(?:password|passwd|pwd|credentials?)\s*[=:]\s*\S+/gi);
   if (credPatterns) {
     intel.push("\u{1F511} Potential credentials detected:");
-    credPatterns.slice(0, 5).forEach((c) => intel.push(`  ${c.trim()}`));
+    credPatterns.slice(0, EXTRACT_LIMITS.GENERIC_CREDS).forEach((c) => intel.push(`  ${c.trim()}`));
   }
   const cves = output.match(/CVE-\d{4}-\d+/gi);
   if (cves) {
@@ -7115,7 +8389,7 @@ function extractGenericIntel(output) {
   }
   const paths = output.match(/\/(?:etc\/(?:shadow|passwd|sudoers)|root\/|home\/\S+|var\/www\/\S+|opt\/\S+)\S*/g);
   if (paths) {
-    const uniquePaths = [...new Set(paths)].slice(0, 10);
+    const uniquePaths = [...new Set(paths)].slice(0, EXTRACT_LIMITS.GENERIC_PATHS);
     intel.push(`\u{1F4C2} Interesting paths: ${uniquePaths.join(", ")}`);
   }
   const flagPatterns = output.match(/(?:flag|secret|key|token)\{[^}]+\}/gi);
@@ -7127,7 +8401,7 @@ function extractGenericIntel(output) {
 }
 
 // src/shared/utils/context-digest.ts
-import { writeFileSync as writeFileSync6, mkdirSync as mkdirSync2, existsSync as existsSync6 } from "fs";
+import { writeFileSync as writeFileSync7, mkdirSync as mkdirSync3, existsSync as existsSync7 } from "fs";
 var PASSTHROUGH_THRESHOLD = 3e3;
 var LAYER2_THRESHOLD = 8e3;
 var LAYER3_THRESHOLD = 5e4;
@@ -7352,13 +8626,13 @@ function normalizeLine(line) {
 function saveFullOutput(output, toolName) {
   try {
     const outputDir = getOutputDir();
-    if (!existsSync6(outputDir)) {
-      mkdirSync2(outputDir, { recursive: true });
+    if (!existsSync7(outputDir)) {
+      mkdirSync3(outputDir, { recursive: true });
     }
     const timestamp = (/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-").slice(0, 19);
     const safeName = toolName.replace(/[^a-zA-Z0-9_-]/g, "_").slice(0, 30);
     const filePath = `${outputDir}/${timestamp}_${safeName}.txt`;
-    writeFileSync6(filePath, output, "utf-8");
+    writeFileSync7(filePath, output, "utf-8");
     return filePath;
   } catch (err) {
     debugLog("general", "Failed to save full output to file", { toolName, error: String(err) });
@@ -7790,7 +9064,7 @@ Please decide how to handle this error and continue.`;
         const digestResult = await digestToolOutput(
           outputText,
           call.name,
-          JSON.stringify(call.input).slice(0, 200),
+          JSON.stringify(call.input).slice(0, DISPLAY_LIMITS.OUTPUT_SUMMARY),
           llmDigestFn
         );
         outputText = digestResult.digestedOutput;
@@ -7880,8 +9154,8 @@ Please decide how to handle this error and continue.`;
 };
 
 // src/agents/prompt-builder.ts
-import { readFileSync as readFileSync4, existsSync as existsSync7, readdirSync as readdirSync2 } from "fs";
-import { join as join9, dirname as dirname5 } from "path";
+import { readFileSync as readFileSync5, existsSync as existsSync8, readdirSync as readdirSync2 } from "fs";
+import { join as join10, dirname as dirname5 } from "path";
 import { fileURLToPath as fileURLToPath4 } from "url";
 
 // src/shared/constants/prompts.ts
@@ -7935,10 +9209,104 @@ var INITIAL_TASKS = {
   RECON: "Initial reconnaissance and target discovery"
 };
 
+// src/shared/utils/time-strategy.ts
+var TIME_CONSTANTS = {
+  /** Milliseconds per minute */
+  MS_PER_MINUTE: 6e4,
+  /** Minutes threshold for sprint-to-exploit switch (no deadline mode) */
+  SPRINT_MINUTES: 10,
+  /** Deadline percentage thresholds for phase transitions */
+  PHASE_SPRINT: 0.25,
+  PHASE_EXPLOIT: 0.5,
+  PHASE_CREATIVE: 0.75
+};
+function getTimeAdaptiveStrategy(elapsedMs, deadlineMs) {
+  if (deadlineMs === 0) {
+    const mins = Math.floor(elapsedMs / TIME_CONSTANTS.MS_PER_MINUTE);
+    if (mins < TIME_CONSTANTS.SPRINT_MINUTES) {
+      return {
+        phase: "sprint",
+        label: "SPRINT",
+        urgency: "low",
+        directive: `\u26A1 SPRINT MODE (${mins}min elapsed): Parallel reconnaissance. Full port scan + service enumeration + default credentials. Attack immediately on any finding.`
+      };
+    }
+    return {
+      phase: "exploit",
+      label: "EXPLOIT",
+      urgency: "low",
+      directive: `\u{1F3AF} EXPLOIT MODE (${mins}min elapsed): Focus on discovered vectors. Chain findings. Build custom tools if needed.`
+    };
+  }
+  const totalMs = deadlineMs - (deadlineMs > Date.now() ? Date.now() - elapsedMs : 0);
+  const remainingMs = Math.max(0, deadlineMs - Date.now());
+  const pct = totalMs > 0 ? 1 - remainingMs / totalMs : 1;
+  const remainingMins = Math.floor(remainingMs / TIME_CONSTANTS.MS_PER_MINUTE);
+  if (pct < TIME_CONSTANTS.PHASE_SPRINT) {
+    return {
+      phase: "sprint",
+      label: "SPRINT",
+      urgency: "low",
+      directive: [
+        `\u26A1 SPRINT MODE (${remainingMins}min remaining):`,
+        "- Run ALL scans in parallel (nmap TCP/UDP, web fuzzing, CVE search)",
+        "- Try default/weak credentials on every discovered service IMMEDIATELY",
+        "- Check for exposed files (.env, .git, backup.sql, phpinfo)",
+        "- Anonymous access: FTP, SMB null session, Redis no auth, MongoDB",
+        "- Goal: Maximum attack surface discovery + instant wins"
+      ].join("\n")
+    };
+  }
+  if (pct < TIME_CONSTANTS.PHASE_EXPLOIT) {
+    return {
+      phase: "exploit",
+      label: "EXPLOIT",
+      urgency: "medium",
+      directive: [
+        `\u{1F3AF} EXPLOIT MODE (${remainingMins}min remaining):`,
+        "- Concentrate on discovered vectors with highest success probability",
+        "- Run parallel exploitation attempts on multiple targets",
+        "- Search for CVE PoCs for every identified service+version",
+        "- Chain: credentials \u2192 spray everywhere, LFI \u2192 config \u2192 DB creds",
+        "- Keep background scans running for new targets"
+      ].join("\n")
+    };
+  }
+  if (pct < TIME_CONSTANTS.PHASE_CREATIVE) {
+    return {
+      phase: "creative",
+      label: "CREATIVE",
+      urgency: "high",
+      directive: [
+        `\u{1F52C} CREATIVE MODE (${remainingMins}min remaining):`,
+        "- Try advanced techniques: chained exploits, custom tools, race conditions",
+        "- Binary analysis for SUID/custom binaries, kernel exploits for privesc",
+        "- Protocol-level attacks: SMB relay, Kerberoasting, ADCS abuse",
+        '- Search for latest bypasses: web_search("{defense} bypass 2025")',
+        "- If stuck >5min on any vector, SWITCH immediately"
+      ].join("\n")
+    };
+  }
+  return {
+    phase: "harvest",
+    label: "HARVEST",
+    urgency: "critical",
+    directive: [
+      `\u{1F3C1} HARVEST MODE (${remainingMins}min remaining \u2014 FINAL PUSH):`,
+      "- STOP exploring new vectors. Focus on what you HAVE.",
+      "- Submit ALL discovered flags immediately",
+      "- Check obvious flag locations: /root/flag.txt, env vars, DB tables",
+      "- Re-check previously accessed systems for missed flags",
+      "- Collect and record ALL evidence and proof files",
+      "- Write final report with all findings"
+    ].join("\n")
+  };
+}
+
 // src/agents/prompt-builder.ts
 var __dirname4 = dirname5(fileURLToPath4(import.meta.url));
-var PROMPTS_DIR = join9(__dirname4, "prompts");
-var TECHNIQUES_DIR = join9(PROMPTS_DIR, PROMPT_PATHS.TECHNIQUES_DIR);
+var PROMPTS_DIR = join10(__dirname4, "prompts");
+var TECHNIQUES_DIR = join10(PROMPTS_DIR, PROMPT_PATHS.TECHNIQUES_DIR);
 var { AGENT_FILES } = PROMPT_PATHS;
 var PHASE_PROMPT_MAP = {
   // Direct mappings — phase has its own prompt file
@@ -7987,7 +9355,7 @@ var PromptBuilder = class {
   /**
    * Build complete prompt for LLM iteration.
    *
-   * Layers (phase-aware, ~25-30K tokens vs previous ~53K):
+   * Layers (phase-aware, enhanced with improvements #2,#3,#6,#7,#8,#12,#14):
    * 1. base.md — Core identity, rules, autonomy, shell management (~7.6K tok)
    * 2. Phase-specific prompt — current phase's full specialist knowledge (~2K tok)
    * 3. Core methodology — strategy, orchestrator, evasion (always loaded, ~12K tok)
@@ -7995,8 +9363,14 @@ var PromptBuilder = class {
    * 5. Scope constraints
    * 6. Current state (targets, findings, loot, active processes)
    * 7. TODO list
-   * 8. Time awareness (elapsed + deadline)
-   * 9. User context
+   * 8. Time awareness + adaptive strategy (#8)
+   * 9. Challenge analysis (#2: Auto-Prompter)
+   * 10. Attack graph (#6: recommended attack chains)
+   * 11. Working memory (#12: failed/succeeded attempts)
+   * 12. Session timeline (#12: episodic memory)
+   * 13. Learned techniques (#7: dynamic technique library)
+   * 14. Persistent memory (#12: cross-session knowledge)
+   * 15. User context
    */
   build(userInput, phase) {
     const fragments = [
@@ -8009,6 +9383,18 @@ var PromptBuilder = class {
       this.getStateFragment(),
       this.getTodoFragment(),
       this.getTimeFragment(),
+      this.getChallengeAnalysisFragment(),
+      // #2
+      this.getAttackGraphFragment(),
+      // #6
+      this.getWorkingMemoryFragment(),
+      // #12
+      this.getEpisodicMemoryFragment(),
+      // #12
+      this.getDynamicTechniquesFragment(),
+      // #7
+      this.getPersistentMemoryFragment(),
+      // #12
       PROMPT_DEFAULTS.USER_CONTEXT(userInput)
     ];
     return fragments.filter((f) => !!f).join("\n\n");
@@ -8028,8 +9414,8 @@ ${content}
    * Load a prompt file from src/agents/prompts/
    */
   loadPromptFile(filename) {
-    const path2 = join9(PROMPTS_DIR, filename);
-    return existsSync7(path2) ? readFileSync4(path2, PROMPT_CONFIG.ENCODING) : "";
+    const path2 = join10(PROMPTS_DIR, filename);
+    return existsSync8(path2) ? readFileSync5(path2, PROMPT_CONFIG.ENCODING) : "";
   }
   /**
    * Load phase-specific prompt.
@@ -8075,15 +9461,15 @@ ${content}
    * "마크다운 파일 하나를 폴더에 넣으면, PromptBuilder가 자동으로 발견하고 로드한다."
    */
   loadPhaseRelevantTechniques(phase) {
-    if (!existsSync7(TECHNIQUES_DIR)) return "";
+    if (!existsSync8(TECHNIQUES_DIR)) return "";
     const priorityTechniques = PHASE_TECHNIQUE_MAP[phase] || [];
     const loadedSet = /* @__PURE__ */ new Set();
     const fragments = [];
     for (const technique of priorityTechniques) {
-      const filePath = join9(TECHNIQUES_DIR, `${technique}.md`);
+      const filePath = join10(TECHNIQUES_DIR, `${technique}.md`);
       try {
-        if (!existsSync7(filePath)) continue;
-        const content = readFileSync4(filePath, PROMPT_CONFIG.ENCODING);
+        if (!existsSync8(filePath)) continue;
+        const content = readFileSync5(filePath, PROMPT_CONFIG.ENCODING);
         if (content) {
           fragments.push(`<technique-reference category="${technique}">
 ${content}
@@ -8096,8 +9482,8 @@ ${content}
     try {
       const allFiles = readdirSync2(TECHNIQUES_DIR).filter((f) => f.endsWith(".md") && f !== "README.md" && !loadedSet.has(f));
       for (const file of allFiles) {
-        const filePath = join9(TECHNIQUES_DIR, file);
-        const content = readFileSync4(filePath, PROMPT_CONFIG.ENCODING);
+        const filePath = join10(TECHNIQUES_DIR, file);
+        const content = readFileSync5(filePath, PROMPT_CONFIG.ENCODING);
         if (content) {
           const category = file.replace(".md", "");
           fragments.push(`<technique-reference category="${category}">
@@ -8129,9 +9515,52 @@ ${content}
     return PROMPT_XML.TODO(list || PROMPT_DEFAULTS.EMPTY_TODO);
   }
   getTimeFragment() {
-    return `<time-status>
+    const elapsed = this.state.getElapsedMs();
+    const remaining = this.state.getRemainingMs();
+    const baseTime = `<time-status>
 ${this.state.getTimeStatus()}
 </time-status>`;
+    const strategy = getTimeAdaptiveStrategy(
+      elapsed,
+      remaining > 0 ? Date.now() + remaining : 0
+    );
+    return `${baseTime}
+
+<time-strategy phase="${strategy.phase}" urgency="${strategy.urgency}">
+${strategy.directive}
+</time-strategy>`;
+  }
+  // --- Improvement #2: Auto-Prompter Challenge Analysis ---
+  getChallengeAnalysisFragment() {
+    const analysis = this.state.getChallengeAnalysis();
+    if (!analysis) return "";
+    return formatChallengeAnalysis(analysis);
+  }
+  // --- Improvement #6: Attack Graph ---
+  getAttackGraphFragment() {
+    return this.state.attackGraph.toPrompt();
+  }
+  // --- Improvement #12: Working Memory ---
+  getWorkingMemoryFragment() {
+    return this.state.workingMemory.toPrompt();
+  }
+  // --- Improvement #12: Episodic Memory ---
+  getEpisodicMemoryFragment() {
+    return this.state.episodicMemory.toPrompt();
+  }
+  // --- Improvement #7: Dynamic Technique Library ---
+  getDynamicTechniquesFragment() {
+    return this.state.dynamicTechniques.toPrompt();
+  }
+  // --- Improvement #12: Persistent Memory ---
+  getPersistentMemoryFragment() {
+    const services = [];
+    for (const target of this.state.getAllTargets()) {
+      for (const port of target.ports) {
+        if (port.service) services.push(port.service);
+      }
+    }
+    return this.state.persistentMemory.toPrompt(services);
   }
 };